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Yes! 


The  network  portal:  www.nwtusion.com 

I  want  to  continue  to  receive  my  FREE  subscription  to  Network  World, 
the  leading  industry  resource  for  Network  IS  professionals. 


□  No,  thank  you. 


Your  Signature 

Today's  Date 

Publisher  reserves  the  right  to  serve  only  those  individuals  who  meet  publication  qualifications.  ALL  questions  must  be  answeed.  Incomplete  forms 
will  not  be  processed.  FREE  subscnptions  available  to  qualified  U.S.  applicants.  International  rates  available  upon  request. 


Business  F’hone 

Business  Fax 

Internet  E-mail  Address 

. — .  We  would  like  to  send  you  periodic  information  via  email  on  3rd  party  networking  products/services. 

1 _ 1  Check  here  if  you  DO  NOT  wish  to  receive  this  information. 

R1001A 


What  is  the  principal  business  activity  at  your  location?  (check  one  only) 


3 


01.  _ 
02.  _ 
03.  _ 
04.  _ 
05.  _ 
06.  _ 
07.  _ 
08.  _ 
09.  L 


10. 

11 


Manufacturing  (other) 

Finance/Banking 

Insurance/Real  Estate/Legal 

Health  Care  Services 

Hospitality/Entertainment/Recreation 

Media/TV/Cable/Radio/Print 

Retail/Wholesale  Trade/Business  Services 

Transportation 

Utilities/Process  Industries  (Mining/Construction/Petroleum  Refining / 
Agriculture/Forestry) 

Education 

Govemment/Military 


12. 

Consulting  (Independent)* 

01. 

VPN  Equipment 

06. 

Internet  Services 

11. 

13. 

Communications  Carriers 

02. 

VPN  Services 

07. 

Web  Hosting 

12. 

14. 

ISP 

03. 

Firewalls/Security/Encryption 

08. 

Content  Hosting 

13. 

15. 

ASP 

04. 

Electronic  Commerce  Tools 

09. 

Traffic  Management 

14. 

16. 

Manufacturing  (Computer/Communications/OEM) 

05. 

Web  Servers/Software 

10. 

Web  Development  Tools 

15. 

17. 

Resellers/VARs/VADs/Integrators/Distributors  (Computers/ 

LANs/INTERNETWORKING 

18.  EH  Other  (Specify) _ 

*ATTN  CONSULTANTS,  INTEGRATORS,  DISTRIBUTORS, 
RESELLERS.  PLEASE  COMPLETE  FORM  BASED  ON  ALL  CLIENTS 
AND  YOUR  OWN  BUSINESS  NEEDS. 


&  P:  What  is  your  primary  job  function?  (check  QNE  only) 


S:  What  is  your  secondary  job  function?  (check  ALL  that  apply) 
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P  s 

_  1.  _  Network  Management 
_  2.  _  LAN  Management 
_  3.  _  Datacom/Telecom  Management 
_  4.  _  CIO/CTO/IS/IT/MIS/Systems  Management 
_J  5.  LJ  Intemet/Intranet/E-Commerce  Management 


B6.  LJ  Engineering  Management 

7.  EJ  Corporate  Management  (CEO,  coo.  CFO,  Pres.,  VP, 
Dir..  Mgr.) 

_  8.  _ j  Consultant  (independent) 

□  9.  □  i 


Other  (Specify) 


C%.  wnat  is  the  estimated  value  of  network  equipment  and  services 

that  you  specify,  recommend,  or  approve  the  purchase  of? 


(Please  pent  the  appropriate  number  code  on  the  line  next  to  each  product  category.  Please  complete  ALL  categories  A-O.) 


3 


1.  $1 00  million  or  more 

2.  $50  million  to  $99.9  million 

3.  $25  million  to  $49.9  million 

4.  $10  million  to  $24.9  million 

5.  $1  million  to  $9.9  million 

6.  $100,00  to  $999,999 

7.  $50,000  to  $99,999 

8.  Under  $50,000 

9.  None  of  the  above 


A  _ Large  Systems  ( Mainframes/Minis )  I 

B  _ Desktops  (Micros/ Laptops/Workstations)  4 

C  _ Mobile  ( Including  PDAs,  Wireless)  K 

D  _  Servers  L 

E  _ LANs  M* 

F  _ WAN  Equipment  N 

G  _ Carrier  Services  O 

H  _ Internetworking  ( Including  Routers,  Switches ) 


Intemet/Web/E-Commerce 

Intranet/Extranet 

Remote  Access 

Peripherals 

Software 

Services/Support 

Storage 


CE  What  is  the  total  number  of  sites  for  which  you  have  purchase  influence?  (checkOM 


1.CJ100+ 


2.  □  50  to  99 


3.  □  20  to  49  4.  □  1 0  to  19 


5.  □  2  to  9 


6.  □  1 


7.  Cl  None 


RENEWING  with  your  customized  form  is  a 


1 .  Look  at  the  BLUE  shaded  box  below. 

2.  Answer  only  those  questions  indicated  in  the  BLUE  box. 
(If  the  box  is  blank,  simply  sign  and  date  the  blank  form.) 

3.  Sign,  date  and  fold  the  form,  and  mail  it  by  March  23. 


Please  make  any  necessary  address  corrections  to  mailing  label. 


^ _ _ _  _ _ 

Renew  NOW  to  keep  NetwbrkWiid  coming  FREE! 


^  Please  indicate  the  Intemet/Intranet/WAN/LAN/Remote  products/services  that  you  are  currently 


involved  in  purchasing  or  plan  to  purchase.  (checkALLthatapp^ 


3 


A.  CURRENTLY  INVOLVED  IN  PURCHASING 

INTERNET/INTRANET _ 

A  B 


B.  PLAN  TO  PURCHASE 


B 


Other  Internet/Intranet 


16. 

Local-Area  Networks 

24. 

Layer  2  Switches 

32. 

17. 

_ 

Network  Operating  System  Software  (NOS) 

25. 

Layer  3  Switches 

33. 

_ 

18. 

Intel  Based  Servers 

26. 

Layer  4-7  Switches 

34. 

_ 

19. 

_ 

Intel  Based  Multi  Processor  Servers 

27. 

ATM  Switches 

35. 

20. 

RISC  Based  Servers 

28. 

Token-Ring  Switches 

36. 

21. 

Clustered  Servers 

29. 

Network  Storage  (NAS,  SANs) 

37. 

22. 

Print  Servers 

30. 

Storage/Backup  (Optical,  Disk,  Tape,  RAID) 

38. 

23. 

- 

Routers 

31. 

Network  Test/Diagnostic  Tools 

39. 

UPS 

Network  Interface  Cards  (NiCs,  PCMCIA) 
Hubs/Intelligent  Hubs/Stackable  Hubs 
Cables,  Connectors,  Baiuns 
Management  Frameworks 
Call  Center  Tools 
Voice  over  LAN 

Other  Local  Area  Network/lntemetworking 


REMOTE/WIRELESS  - 
A  B 

~1  PDAs 


B:B 


Remote  Access  Products 

WAN  EQUIPMENT  &  SERVICES  - 
A  B 


BsB 


Remote  Access  Services 
Wireless  Data  Equipment/Services 


A  B 

EJ44.  EJ  Other  Remote/Wireless 


_ 

45. 

Modems 

51. 

46. 

Cable  Modems 

52. 

47. 

Asynchronous  Transfer  Mode  (ATM) 

53. 

48. 

Frame  Relay  Equipment  including  FRADS 

54. 

_ 

_ 

49. 

Frame  Relay  Services 

55. 

— 

50. 

ISDN  Equipment/Services 

56. 

_ 

xDSL  Services/Products 


PBXs 


57. 

58. 

59. 

60. 

Video  Conferencing 
Managed  LAN/Router  Services 
Fax  Servers/Services 


A  B 

None  of  the  above  (1-60)  EJ61.EJ 


^JSlPiease  indicate  the  Network  hardware/software/services  that  you  are  currently  involved  "\ 

ly  in  purchasing  or  plan  to  purchase.  (check  Al  l  that  apply)  y 


A.  CURRENTLY  INVOLVED  IN  PURCHASING 

SYSTEMS/PERIPHERALS - 


B.  PLAN  TO  PURCHASE 


A 

01. 

B 

02. 

03. 

04. 

Laptops/Notebooks 

PCs 

Windows  Terminals/Thin  Clients 
Workstations 


J  06. 


J  08. 


Storage/Backup  (Optical,  Disk,  Tape,  RAID) 

09. 

_ 

Printers 

10. 

_ 

Printer/Fax/Copier  Hybrids  (Multifunction  Printers) 

11. 

_ 

Minis 

12. 

B 

Mainframes 
Fax/Modem  Boards 
Memory/Chips/Boards/Cards 
12.  LJ  Other  Computers/Peripherals 


SOFTWARE/APPLICATIONS- 

A  B 


B 


13. 

Network  Management  (rnci.  SNMP) 

21. 

E-Mail 

28. 

14. 

Systems  Management 

22. 

Enterprise  Resource  Planning  (ERP) 

29. 

15. 

Security 

23. 

EDI 

30. 

16. 

Directory  Services 

_ 

24. 

Desktop  Videoconferencing 

31. 

_ 

17. 

_ 

Operating  Systems 

25. 

Imaging 

32. 

18. 

_ 

Applications  Development  Tools 

26. 

Middleware/Serverware 

33. 

19. 

Database  Management/RDBMS 

27. 

Document  Management 

20. 

Groupware 

Site  Metering  Tools 
Data  Warehousing 
Anti  Virus  Software 
Multimedia 
Helpdesk 

Other  Software/Applications 


SERVICES _ 

A  B 

EJ  34.  EJ  BPO  (Business  Process  Outsourcing  me/. 

Financial  Services,  HR,  Logistics  etc.) 

EJ  35.  EJ  ASP  Services 


36. 

37. 

38. 

_ 

Call  Center  Outsourcing 
Systems  Integration/Consulting 
Education/Training  Services 


A  8 

EJ  39.  EH  Other  Services 

A  B 

None  of  the  above  (1-39)  CJ40.EJ 


Please  indicate  the  platforms  that  are  currently  installed/planned,  (check  Ag^t  apply) 


A.  CURRENTLY  INSTALLED 

NETWORK  PROTOCOLS _ 

A  B 

TCP/IP 
IPV6 


B.  PLANNED  FOR  PURCHASE 


01. 

02. 

03. 

04. 

05. 

APPC/APPN/LU6.2 

08. 

SNMP 

06. 

NETBIOS/NETBUEI 

09. 

HTTP 

07. 

NFS 

10. 

Other  Network  Protocols 

LAN/WAN  ENVIRONMENT  - 
A  B 


Switched  Ethernet 
Fast  Ethernet 


11. 

12. 

13. 

14. 

15. 

16. 

ATM 

Token  Ring/Token  Ring  Switching 


B 

17.  _  Layer  3.4  Switching 

18.  _  FDDI 

19.  _  100Base-T 

20.  _  lOBase-T 

21.  _  Fibre  Channel 

22.  □  Wireless  LANs 


23. 

DSL 

24. 

ISDN 

25. 

Frame  Relay 

26. 

Private  LineT1,T3,  FT-1,  SONET 

27. 

Other  LAN/WAN  Environment 

NETWORK  OPERATING  SYSTEM  - 

A  B 


29. 


COMPUTER  OPERATING  SYSTEM  - 

A  B 


Windows  NT/Windows  2000 

31. 

Novell  (NetWare  2.X,  3jg 

34. 

Novell  (NetWare  5.X) 

32. 

UNUX 

35. 

Novell  (NetWare  4.X) 

33. 

Microsoft  (LAN  Manager) 

36. 

Banyan  (Wnesj 
IBM  (LAN  Server) 

Other  Network  Operating  System 


37. 

NT  Workstation 

42. 

UNUX 

47. 

__ 

Digital  VMS 

38. 

Windows  2000 

43. 

DOS 

48. 

Macintosh 

39. 

Windows  98. 95  3.1 

44. 

OS/2,  OS/2  WARP 

49. 

Other  Computer  Operating  System 

40. 

Intel  Based  UNIX 

45. 

OS/400 

A  B 

41. 

RISC  Based  UNIX  )ncL  SOLARIS) 

46. 

IBM  MVS/VM/VSE/ESA 

None  of  the  above  (1-49)  LJ50.LJ 

^  PLEASE  FOLD  HERE  SECOND  -  SEAL  WITH  TAPE  NOT  STAPLES.  PLEASE  FOLD  HERE  FIRST. 


You’ve 
reached 
the  end  o 


ms- ' 


Renew  TODAY  to  keep  your  FREE  subscription  to  Network  World! 


Your  FREE  subscription  to  Network  World  has 
reached  its  outer  limits  and  it  will  end  if  you  don’t 
renew  NOW.  Complete  and  return  vour  customized 
renewal  bv  March  23  to  keep  Network  World  coming 

FREE  without  interruption. 

This  is  one  of  the  last  chances  you’ll  have  to  renew. 
To  make  it  easier  for  you,  we’re  asking  you  to  answer 
just  a  few  quick  questions. 

If  you  don’t  respond,  your  subscription  will  lapse, 
and  your  FREE  issues  will  end.  Don’t  let  this 
happen!  Take  5  minutes  today,  and  answer  these 
simple  questions  to  keep  your  FREE  issues  coming! 


For  faster  renewal,  go  to  WWW.nwwSUbSCribe.COin/erl  001a  to  renew  online. 


isSfs,  What  is  the  total  number  of  Servers/Clients/LANs  installed/planned  at  your  location/in  "\ 

Wff  vour  entire  organization?  (check  ONE  box  in  each  column) _ __ _ J 


At  Location 

A 


SERVERS 


Entire  Org. 

B 


1.  50,000+ 

2.  10,000  to  49,999  |_ 

3.  1,000  to  9,999 

4.  100  to  999 

5.  50  to  99 

6.  10  to  49 

7.  1  to  9 
None 


8 


At  Location 
C 


CLIENTS 


Entire  Org. 

D 


50,000+ 

10,000  to  49,999 
1,000  to  9,999 
100  to  999 
50  to  99 
10  to  49 
1  to  9 
None 


At  Location 

E 


LANs 


Entire  Org. 

F 


- 


50,000+ 

10,000  to  49,999 
1,000  to  9,999 
100  to  999 
50  to  99 
10  to  49 
1  to  9 
None 


What  is  your  scope  and  involvement  in  purchasing  decisions  for  network  products 
and  services  for  your  enterprise? 
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01. 

02. 

_ 

) 

03. 

A.  SCOPE  (check  ONE  only) 

Corporate 

1 .  □  Entire  Enterprise/Multiple  Enterprises 

2.  D  Division/Multiple  Divisions 


3.  Q  Department 

4.  LH  None 


Which  of  the  following  hardware  platforms  are  installed/planned  in  your  company?  (check  ALL  that  appi^ 


A  -  MAINFRAMES  (Large  Scale) 

1.  □  IBM 

2.  Ll  Other 


B- 

MINIS  (Midrange) 

C- 

W 

1. 

IBM  RS/6000 

1. 

2. 

IBM  AS/400 

2. 

3. 

Digital/Tandem/Compaq 

3. 

4. 

Unisys 

4. 

5. 

H-P 

5. 

6. 

Other 

6. 

1 .  _  Sun  Microsystems 


H-P 

Digitai/Compaq 
IBM 

5.  Silicon  Graphics 
Other 


What  is  the  estimated  gross  revenue  of  your  entire  company/institution?  »**accnM  ) 


$10  billion  to  $19.9  billion 
$1  billion  to  $9.9  billion 


$500  million  to  $999.9  million  07. 
$1 00  million  to  $499.9  million  08. 
$50  million  to  $99.9  million  09. 


_  $10  million  to  $49.9  million  10.0  None  of  the  above 

$5  million  to  $9.9  million 
$4.9  million  or  less 


B.  1 

1.  I 

NVOLVEMENT  (check  ALL  that  apply) 

_  Create  Network/IT  Strategy 

J  Evaluate  Products/Services 

For  which  areas  outside  of  the  U.S.A.  do  you  have  purchase  influence? 

(check  ALL  that  apply) 

2.  . 
3.  _ 

_  Recommend/Specify  Brand 
_  Approve  Purchase 

5.  _ 

6. L 

_  Determine  the  Need 
_  None 

1.  _ Europe  3. _ South  America  5. _  Middle  East 

2.  1 _ 1  Asia  4.1 _ 1  Australia  6.LJ  Africa 

7. _  Canada 

8.1 _ i  None 

Form: 0001 


j  |  What  is  the  estimated  number  of  employees  at  your  location/in  entire  organization?  (check  ONE  in  each  sectioij) 


A.  AT  YOUR  LOCATION 

B.  ENTIRE  ORGANIZATION 

1. 

Over  20,000  6. 

500  to  999 

1. 

Over  20,000 

2. 

10,000  to  19,999  7. 

250  to  499 

2. 

10,000  to  19,999 

3. 

5,000  to  9,999  8. 

100  to  249 

3. 

5,000  to  9,999 

4. 

2,500  to  4,999  9. 

99  or  less 

4. 

2,500  to  4,999 

5. 

1,000  to  2,499 

5. 

1,000  to  2,499 

6.  □  500  to  999 

7.  □  499  or  less 


Complete  and  return  all  questions  indicated  in  the  blue 
shaded  box  on  the  front  of  this  wrap.  If  no  questions  are 
listed,  just  sign,  date  and  mail  your  form  by  March  23. 


NO  POSTAGE 
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BUSINESS  REPLY  MAIL 
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POSTAGE  WILL  BE  PAID  BY  ADDRESSEE 
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WHAT  MICROSOFTTRIAL? 


Users  staying  the  course  with  Windows  roll 
outs  as  antitrust  case  drags  on.  Page  15. 


Bad  financial  news  and  layoffs  raise 
questions  about  3Com's  future.  Page 


Keeping  tabs 


BY  ELLEN  MESSMER 

With  financial  firms  invest¬ 
ing  millions  or  billions  of  dol¬ 
lars  annually  on  network  ser¬ 
vices,  software  development 
and  other  IT  projects,  spending 
can  easily  get  out  of  control. 

Costs  escalate  as  depart¬ 
ments  spend  away,  leaving  pro- 


"A  $5,000  IT 
project  can  easily 
grow  into  more 
than  a  $250,000 
project." 


Roy  Anderson,  director  of 
procurement,  John  Hancock 
Financial  Services 

on  IT  buying 


curement  managers  in  the  dark 
until  an  unexpectedly  high 
stack  of  bills  arrives.  Keeping 
up  with  contractors,  consul¬ 
tants  and  service  providers  can 
be  elusive  when  information  is 
shared  through  phone  conver¬ 
sations  or  fax.  So  prominent 
firms  such  as  Merrill  Lynch, 
See  Online,  page  67 


'Decoy  nets'  gain  backers 
in  battle  against  hackers 


BY  ELLEN  MESSMER 

ORLANDO  —  As  hackers 
obtain  ever  more  dangerous 
and  easy-to-use  tools,  they  are 
being  countered  by  novel 
defense  strategies.  Witness  the 


experimental  idea  of  setting  up 
a  decoy  network  separate  from 
your  real  one  to  fool  intruders 
as  they  try  to  fool  you. 

This  so-called  “deception” 
network  is  envisioned  as  more 
See  Hackers,  page  66 


More  online. 


HIM  PilADn  Ttyi^ t0  stay  one  step  ahead  of  hackers  while 
Ulil  UURilU  defending  your  network?  Use  our  online  resources. 


www.fivi/  fu  s  i  o  n  .  c  o  m  DocFinder:3  25  8 


Bells  are  failing 
to  compete  as 
they  promised 

BY  DAVID  ROHDE 


VPN  users  to 
get  mgmt  help 


WASHINGTON,  D  C.  —  Call 
it  the  “quid”  without  the  “pro 
quo.” 

In  a  grand  bargain  over  the 
past  few  years,  the  government 
has  allowed  the  eight  domi¬ 
nant  local  carriers  —  the  seven 
original  Bells  plus  GTE  —  to 
shrink  to  four  in  exchange  for 
written  promises  to  begin 
competing  with  one  another. 

Yet  nearly  halfway  into  the 
three-year  period  the  govern¬ 
ment  defined  for  SBC  Commu¬ 
nications  to  compete  locally 
with  the  three  other  Bells, 
users  and  independent 
See  Bells,  page  14 


BY  JIM  DUFFY  AND 
TIM  GREENE 

Two  leading  players  in  the 
VPN  market  are  launching 
products  to  ease  and  coordi¬ 
nate  management  of  VPNs  and 
firewalls. 

Cisco  this  week  is  expected 
to  announce  the  VPN/Security 
Management  Solution  (VMS),  a 
suite  of  management  applica¬ 
tions  for  the  CiscoWorks2000 
platform  that  is  designed  to 
give  users  integrated  manage¬ 
ment  of  Cisco  VPN  routers,  con¬ 
centrators  and  PIX  firewalls. 


Rival  Check  Point  Software  is 
offering  what  it  calls  Next  Gen¬ 
eration  Management,  software 
that  allows  network  administra¬ 
tors  to  set  VPN  policies  and 
draws  a  diagram  of  policies  that 
are  in  force. 

Such  tools  are  required  by 
users  looking  to  build  out  or 
scale  their  networks  without 
having  to  individually  config¬ 
ure  devices  or  use  separate 
applications  to  monitor  VPNs 
and  firewalls. 

“I  single-handedly  support 
1,200  VPN  users  and  six  [Check 
See  Cisco,  page  12 


VoIP  to  the  rescue:  Connecticut's  IT  staffers  turn  to  VoIP  after  tlieir  building  is  condemned,  page  42. 


Face-off:  Is  VoIP  ready  for  prime  time?  Larry  Hettick,  left,  of  TeleChoice  and  Steve  Taylor 
of  Distributed  Networking  Associates  disagree,  page  39. 


Can  VoIP  gear  from  different  vendors  talk  to 

each  other?  Nine  vendors  pass  our  groundbreaking  VoIP  interoperability  tests,  page  45. 


NetwoikWorldFusion 


Webcast:  Can  VoIP  live  up  to  the  hype?  Find  out  in  our 
"Networked  World"  broadcast  on  March  9.  Sign  up  now.  DocFinder:  3235 

_ _Z _ I 


I  3ft  S’  Windows  2000 

J  I  Server  Family 


THE  FABLED  FIVE  NINES.  ELUSIVE,  COVETED, 

For  a  server  operating  system,  the  five  nines  are  a  measure  of  reliability  that  translates  into  just  over 
five  minutes  of  server  downtime  per  year*  Of  course,  rumors  of  this  99.999%  uptime  usually  start 
under  ideal  lab  conditions.  But  where  are  these  five  nines  when  your  company  needs  them?  If  you’re 
using  Microsoft®  Windows®  2000  Server-based  solutions,  they  may  be  closer  than  you  think.  Today 
Starbucks,  FreeMarkets  and  MortgageRamp,  an  affiliate  of  GMAC  Commercial  Mortgage,  are  using 
Windows  2000  Server-based  systems  that  are  designed  to  deliver  99.999%  server  uptime.  With 
system  architecture  improvements  for  higher  server  uptime  plus  fault-tolerant  and  redundant  systems 
for  increased  availability,  the  Windows  2000  Server  platform  is  helping  these  companies  maximize 


•This  level  of  availability  is  dependent  on  many  factors  outside  of  the  operating  system,  including  other  hardware  and  software  technologies,  mission-critical  operational  processes  and  professional  services.  ©  2001  Microsoft  Corporation.  All  rights  reserved.  Microsoft 

Windows,  and  the  Windows  logo  are  either  registered  trademarks  or  trademarks  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 


AND  CLOSER  THAN  YOU  THINK. 

uptime  and  minimize  network  interruptions.  But  a  server  OS  alone  doesn’t  get  you  five  nines,  which  is 
why  we’ve  teamed  up  with  industry-leading  system  providers  to  ensure  that  the  right  combination  of 
people,  process  and  technology  is  utilized.  Industry  leaders  such  as  Compaq,  Hewlett-Packard,  Unisys, 
Stratus  and  Motorola  Computer  Group  can  work  with  you  to  deliver  solutions  with  up  to  five  nines  uptime 
with  their  custom-built  Windows  2000  Servers  shipping  today.  Of  course,  not  all  installations  require  this 
level  of  reliability,  but  one  thing  is  for  sure:  The  Windows  2000  Server  family  can  help  you  get  to  the  level 
of  reliability  you  need,  even  five  nines.  To  learn  more  about  server  solutions  you  can  count  on,  visit 
microsoft.com/windows2000/servers  Software  for  the  Agile  Business. 
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Visual  UpTime  for  Higher  WAN  Service  Availability 
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is  real  time 


You  know,  there's  just  no  time  to  do  anything  anymore. 

Everything  happens  too  fast.  That's  why  you  need  Visual  UpTime 
for  your  Frame  Relay,  ATM,  and  IP  networks.  It's  the  best 
operational  troubleshooting  and  SLA  validation  tool  in  the 
business.  Why?  Because  it  goes  about  its  business- performance 
monitoring,  troubleshooting  and  protocol  analysis- in  real  time. 
Giving  you  more  time  to  handle  problems,  before  they  become, 
well,  problematic.  And  UpTime  lets  you  perform  pro-active  service 
level  management  so  you  can  use  that  info  to  increase  availability 
and  reduce  operational  costs.  So  want  to  do  some  real-time 
troubleshooting  to  improve  your  level  of  service?  Go  ahead,  your 
users  won't  suspect  a  thing.  ^^00^^^^^^^ 

To  see 

f  what  UpTime  can  ^ 
really  do,  check  out  y 
www.visualnetworks.com/ 
nwuptimedemo  for  a  free 
product  demo.  But  hurry.  1 
L  Time,  as  they  say,  M 
will  not  wait. 


Visual  UpTime 


Visual  Trinity 


Visual  IP  InSight 


Visual  eWatcher 


Visual  BenchMark’ 


VISUAL 

NETWORKS* 


www.visualnetworks.com/nwuptimedemo 

1-800-240-4010 

UK:  +44(0)118  988  0242 
ASI A/Pacific:  65-430  6786 


©2000  Visual  Networks  Technologies,  Inc.  Visual  Networks  and  Visual  UpTime  are  registered  trademarks  of,  and  Visual 
BenchMark,  Visual  IP  InSight.  Visual  Trinity  and  Visual  eWatcher  are  trademarks  of  Visual  Networks  Technologies,  Inc. 
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Greetings  from  the  internet 


>>  just  arrived 


in  europe  via  intemap. 


smooth- 


passed  the  space  shuttle 


twice. 


and  the  service  ...ah, 


i  could  get  used  to  this. 


>>y  our  data 


Your  data  will  quickly  become  accustomed  to  the  first-class  treatment  Internap  gives  every  byte.  We’re  the  only 


ones  to  have  service  level  agreements  with  all  the  major  Internet  backbone  providers.  Combine  that  with  our 
intelligent  Overlay  Network  that  analyzes  all  Internet  traffic  by  the  nanosecond,  and  it’s  no  wonder  we  keep  your  data 
on  the  fastest,  most  reliable  route  to  its  destination.  Coffee,  anyone?  To  learn  more,  visit  www.internap.com 
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The  intelligent  way  through  the  Internet 


COONEY'S  CORNER 

The  best  of  the  NetFlash  daily  newsletter 


THIS  WEEK 


ONLINE 


www.nwlusion.com 


INTERACTIVE 

The  E-commerce  Issue  minisite 

Our  annual  companion  to  the  Network  World  Signature  Series  print  edi¬ 
tion  contains  our  Buyer's  Guide  for  e-commerce  outsourcers  and  a  round¬ 
table  discussion  on  the  new  rules  for  IT  project  management.  Plus,  down¬ 
load  checklists  and  get  loads  of  e-commerce  advice.  DocFinder:  3244 

Battle  over  VoIP 

Is  voice  over  IP  a  good  bet  in  the  enterprise?  Convergence  newsletter 
authors  Larry  Hettick  and  Steve  Taylor  go  to  the  mat  over  the  hyped 
technology.  DocFinder:  3245 


That's  the  government  for  you 


I  know  our  government  is  a  slow-moving  beast,  but  I  can’t 
help  but  wondering  why,  when  there  is  a  group  of  people  so 
fired  up  to  tackle  a  tough  problem,  Washington  takes  so  long 
to  support  it.  Almost  a  year  after  a  congressional  commission 
came  up  with  a  roadmap  of  recommendations  it  said  would 
solve  the  country's  gross  shortage  of  high-tech  workers,  the 
group  tasked  with  handling  that  duty  finally  got  money  last 
week  —  but  only  $2  million. 

The  Council  on  Competitiveness  is  tasked  in  particular  with 
driving  more  women  and  minorities  into  the  wonderful  world 
of  technology.  The  group  consists  of  government,  academic 
and  industry  leaders.  Now  that  the  effort  is  at  least  off  the 
ground,  let's  hope  the  council  can  move  faster  than  the  gov¬ 
ernment.  DocFinder:  3259 


Flaw  revealed  in  Cisco  I0S 

Cisco  last  week  warned  customers  of  a  flaw  in  its 
Internetwork  Operating  System  software  that  could  compro¬ 
mise  the  integrity  of  TCP  traffic  sent  to  and  from  its  routers 
and  switches.  DocFinder:  3260 


Test  Pilots 

MultiTech  MultiVoIP  200 

VoIP  Expert  says  you'll  save  money  with  this  voice-over-IP  product,  but 
only  if  you  really  know  what  you're  doing.  Read  his  review,  then  add  your 
comments.  DocFinder:  3246 


Peregrine  beefs  up  asset  management  software 

Peregrine  Systems  recently  upgraded  its  asset  manage¬ 
ment  product  suite  to  automatically  discover  network  and 
telephony  devices  and  to  track  contracts  with  service 
providers  to  see  how  well  they  are  meeting  service-level 
agreements.  DocFinder:  3261 

—  Michael  Cooney,  associate  news  editor 


NEWS 

Peer  to  peer 

Stay  up-to-date  with  the  latest  news  on  the  emerging  peer-to-peer  field. 
Our  Peer-to-Peer  Breaking  News  page  offers  the  latest  headlines  from 
Network  World  and  around  the  Internet,  updated  daily.  DocFinder:  3247 


Sign  up  for  this  e-mail  newsletter  online.  DocFinder:  3850 


Web  hosting 

And  keep  yourself  well-informed  about  Web  hosting  news  on  our  Web 
Hosting  Breaking  News  page,  also  updated  daily.  DocFinder:  3248 


r  ^ 

"Get-to-the-point"  information  for  tech  people 

Stop  wasting  your  time  looking  for  information.  Network  World 
Fusion  provides  "get-to-the-point"  research  with  centers  dedicated 
to  specific  topics,  including  application  service  providers,  conver¬ 
gence,  frame  relay,  security,  telecommuting  and  wireless  network¬ 
ing.  Visit  our  research  area  today.  DocFinder:  3252 

Seminars  &  Events:  Networking  made  easier 

You  are  just  one  day  away  from  mastering  the  new  network  prod¬ 
ucts  and  services  that  can  make  your  business  more  competitive 
and  more  profitable.  Connect  with  top  experts  to  understand 
Networking  for  Small  and  Medium  Businesses.  Join  Network  World 
and  PC  l/l/or/cf  at  this  exciting  event.  DocFinder:  2554 


COLUMNISTS 

Compendium 

Your  own  knowledgebase  .  .  .  with  fizz 

Fusion  Executive  Editor  Adam  Gaffin  drinks 
to  the  innovation  of  OpenCola's  viral 
marketing  technique.  DocFinder:  3249 

Nutter's  Help  Desk 

Using  an  alternate  ERD 
Ron  Nutter  walks  a  reader  through  the  steps  for  getting  his 
server  back  online.  DocFinder:  3250 

Bleeding  Edge 

Industry  slini'down 
Columnists  Daniel  Briere  and  Beth 
Gage  see  a  tremendous  upside  in 
the  leaner  months  ahead  for  the 
tech  industry.  DocFinder:  3251 


What  is  DocFinder? 


We've  made  it  easy  to  access  articles  and  resources  online.  Simply  enter  the  four-digit  DocFinder 
number  in  the  search  box  on  the  home  page,  and  you'll  jump  directly  to  the  requested  information. 
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Nike:  Don't  blame  us;  blame  i2 

While  many  firms 
are  faulting  the  U.S. 
economy  for  earn¬ 
ings  shortfalls,  Nike 
took  a  different  tack 
last  week  when  it 
laid  blame  for  weak 
profits  with  i2  Tech¬ 
nologies’  supply- 
chain  management 
software.  Nike  says 
it  will  take  six  to 
nine  months  to 
work  its  way 
through  installation 
snags  that  led  to  excess  inventory  and  order 
delays,  which  in  turn  triggered  poor  sales.The 
news  battered  the  stock  prices  of  both  com¬ 
panies.  Nike  CEO  Philip  Knight  was  blunt  in 
describing  the  situation:  “I  guess  my  immedi¬ 
ate  reaction  is,  This  is  what  I  get  for  our  $400 
million,  huh?  ”  12  CEO  Sanjiv  Sidhu  said  in  an 
interview  with  CNBC  that  “i2  software  is 
extremely  powerful,  and  had  it  been  imple¬ 
mented  properly,  it  would  have  helped  them 
overcome  these  problems.” 

VeriSign  may  sidestep  split 

VeriSign  apparently  won’t  have  to  split  its 
domain  name  registration  business  this  spring 
as  anticipated,  thanks  to  a  tentative  agree¬ 
ment  with  the  Internet  Corporation  for 
Assigned  Names  and  Numbers  (ICANN). 
VeriSign  was  required  to  spin  off  its  back-end 
domain  name  registry  business  or  its  cus¬ 
tomer-facing  domain  name  registrar  business 
by  May  10, 2001,  under  the  terms  of  its  origi¬ 
nal  contract  with  ICANN.  With  its  acquisition 
of  Network  Solutions  last  year,  VeriSign  oper¬ 
ates  the  sole  registry  for  .com,  .net  and  .org 
domains  as  well  as  the  top  sales  channel  for 
names  in  350-plus  top-level  domains  and 
country  codes  including  .tv  and  .uk.  With 
VeriSign  facing  intense  competition  in  its  reg¬ 
istry  and  registrar  businesses,  ICANN  officials 
say  they  no  longer  believe  it  is  necessary  for 
the  firm  to  split  up  to  continue  operating  the 
popular  .com  registry.  Instead,  VeriSign  has 
agreed  to  relinquish  control  over  the  .org  reg¬ 
istry  as  of  January  1 , 2003,  and  to  provide  a  $5 
million  endowment  to  fund  the  operating 
expenses  of  a  new  nonprofit  .org  registry'. 

Brinks  taking  good  name  to  'Net 

Brinks,  a  provider  of  physical  security  ser¬ 
vices  for  homes  and  businesses,  last  week 
joined  the  Internet  security  services  arena. 
Under  an  alliance  with  Hyperon,  the  Brinks 
Internet  Security  division  will  monitor  data 
and  network  assets  on  corporate  nets  from  a 
data  center  in  Dallas.  Brinks’  technicians  install 
Hyperon’s  intrusion-detection  systems  on 
internal  nets  to  monitor  and  report  problems 
to  the  center.  The  service  starts  at  $  1 1 ,000. 


First  P2P  virus  strikes  Gnutella 

File-swapping  on  the  Internet  hit  a  sour 
note  last  week  with  the  appearance  of  a  virus 
that  attacks  users  of  the  Gnutella  file-sharing 
service.  Security  software  vendors  say  it  is 
the  first  virus  to  affect  peer-to-peer  commu¬ 
nications.  Named  W32/Gnuman.worm,  also 
known  by  the  alias  “Mandragore,”  the  mali¬ 
cious  file  poses  as  an  ordinary,  requested 
media  file. This  masked  file,  however,  is  actu¬ 
ally  an  .exe  file  that  infects  a  user’s  computer 
once  the  program  is  run.  After  it  infects  a 
computer,  the  virus  cloaks  itself  for  other 
Gnutella  users,  leading  them  to  believe  that  it 
is  actually  an  MP3  music  file  or  an  image  file. 

Fujitsu  to  launch  research  institute 

Fujitsu  last  week  said  it  will  establish  a 
research  institute  in  College  Park,  Md.,  for 
advanced  computer  technology  and  “perva¬ 
sive”  computing  associated  with  PDAs  and 
other  mobile  devices.  Fujitsu  Laboratories  and 
its  Sunnyvale,  Calif.,  subsidiary,  Fujitsu  Labora¬ 
tories  of  America,  expect  the  Maryland  facility 
to  have  an  annual  budget  of  $10  million  and 
40  employees  by  the  end  of  2004,  although  it 
launches  next  month  with  nine  employees 
and  $3.5  million. 

RSA  touts  new  smart  card  system 

RSA  Security  has  made  available  a  PC-based 
cryptographic  smart  card  personalization  sys¬ 
tem  that  lets  one  smart  card  be  programmed 
for  public-key-based  network  access  from  the 
desktop,  magnetic-stripe-based  physical  build¬ 
ing  access,  plus  the  user’s  photo  for  corporate 
identification.  The  system,  which  comes  with 
card  printer,  camera  and  imaging  software 
from  vendor  EpiSuites,  includes  RSA’s  Keon 
software  for  generating  crypto  keypairs  and 
requesting  certificates  from  the  RSA  Certifi¬ 
cate  Keon  Server. The  package  costs  $50,000, 
plus  a  license  fee  of  $2  per  user  for  each  pro¬ 
grammed  smart  card. 


Server  OS  landscape 

Market  share  numbers  for  server 
operating  systems  show  Windows 
and  Linux  gaining  while  NetWare 
and  Unix  are  slipping. 
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Windows  Linux  Net-  Unix  Other 
Ware 

SOURCE:  IOC 


Nike's  Philip  Knight:  i2's 
supply-chain  manage¬ 
ment  software  respon¬ 
sible  for  weak  profits. 


3Com  woes  mounting 


Layoffs,  financial  slump  dog  firm. 


BY  PHIL  HOCHMUTH 

SANTA  CLARA  —  When  it 
rains  it  pours,  they  say,  and  last 
week  was  an  exceptionally 
soggy  one  for  3Com. 

News  of  layoffs  and  a  warn¬ 
ing  about  an  upcoming  quar¬ 
terly  report  have  analysts 
doubting  the  company’s  ability 
to  grow,  although  they  add  that 
customers  should  not  worry 
about  3Com’s  ability  to 
develop  and  support  products. 


3Com  announced  last  Mon¬ 
day  it  would  cut  1,200  jobs, 
or  about  10%  of  its  work 
force.  The  move  was  called 
part  of  a  plan  to  save  $200 
million  this  year.  Later  in  the 
week,  the  company  issued  a 
warning  that  revenue  would 
fall  short  by  about  $100  mil¬ 
lion  for  the  third  fiscal  quar¬ 
ter,  ended  March  2.  After  its 
announcement,  the  com¬ 
pany’s  stock  fell  17%. 

Company  executives  cited 
the  slumping  U.S.  economy  and 
a  buying  slowdown  among 
telecom  providers  as  cause  for 
the  shortfall,  an  explanation 
that  failed  to  satisfy  everyone. 

“We  think  that  there’s  proba¬ 
bly  more  to  the  story  than  just 
the  telecom  situation,”  says 
Seth  Weber,  an  analyst  with 
Merrill  Lynch. 

The  company’s  carrier  rev¬ 
enue  makes  up  only  12%  of  its 
total  revenue  in  the  third  quar¬ 
ter,  he  says.  “There  are  some 
other  issues.  Some  of  their  core 
businesses  like  the  [network 
interface  card]  business  are 
obviously  declining  markets.” 

The  market  for  traditional 
10/100M  bit/sec  network  inter¬ 


face  cards  (NIC)  is  not  likely  to 
see  high  growth,  according  to 
market  research  firm  IDC.The 
firm  sees  worldwide  revenue 
in  that  market  dropping  from 
$2.8  billion  this  year  to  $  1 . 1  bil¬ 
lion  by  2004. 

Despite  3Com’s  troubles, 
one  customer  says  he  remains 
supportive. 

“My  feeling  is  that  this  seems 
to  be  an  industry  trend,”  says 
Chris  Stewart,  an  IT  technician 
with  Rockwell  Transportation, 
in  Bucks  County,  Pa. 
Rockwell  uses  3Com 
NICs  and  switches. 

“It  won’t  stop  me 
from  buying  [3Com] 
products,”  he  says, 
adding  that  3Com’s 
customer  service  and 
support  have  served 
him  well.  However,  he 
adds,  “if  they  start 
withdrawing  prod¬ 
ucts  I  use,  or  scaling 
back  support,  then  I 
may  have  some  seri¬ 
ous  concerns.” 

3Com  holds  the 
lead  on  total  NIC  ship¬ 
ments,  and  is  second 
only  to  Cisco  in  stack- 
able  switching,  says  Laurie  Vick¬ 
ers,  LAN  analyst  with  Cahners 
In-Stat.  However,  she  says  “the 
businesses  they’re  in  now  are 
completely  commoditized  mar¬ 
kets,”  and  haven’t  been  enough 
of  a  cash  cow  for  3Com  to  sus¬ 
tain  itself  until  “high  growth 
product”  such  as  LAN  telepho¬ 
ny,  wireless  LANs,  take  off. 

“The  only  thing  customers 
have  to  worry  about  is  if 
[3Com]  goes  out  of  business  or 
gets  bought,”  she  says.  3 


Corrections 

"How  to  become  a  B2B 
hero"  (Feb.  26,  page  67), 
should  have  listed  the 
price  for  Lucent's  Vital- 
Suite  software  Version  8 
starting  at  $53,000. 

"RADvision  rolling  out  soft¬ 
ware  for  converged  IP 
voice,  video  nets"  (Feb.  26, 
page  11)  should  have  listed 
the  company's  3,000-user 
ECS  server  at  $30,000. 


3Com's  tumble 


3Com’s  stock  has  seen  better  days 
since  the  company  began  restructuring 
almost  a  year  ago. 
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When  It  Comes  lo  Security, 

Only  eTrust  Can 
Protect  You  Like  This. 


Security  is  the  number  one  concern  of  every  IT 
professional.  The  good  news  is  that  there’s  a 
proven  solution  you  can  trust. 

Without  Bullet-Proof  Security,  Successful 
eBusiness  Is  Impossible 

The  only  thing  bigger  than  the  opportunity  that 
comes  with  putting  your  business  on  the  Web  is 
all  the  risk  that  goes  with  it. 

Undetected  attacks  can  strike  at  any  time, 
from  anywhere,  in  a  variety  of  forms.  Most  sites 
can’t  even  track  every  attempt.  And  new  threats 
are  developed  every  day,  all  over  the  world. 

Without  the  right  protection,  eCompanies  risk 
losing  everything:  data,  customers,  revenue, 
and  more. 


A  Simple  Solution  10  Your  Most 
Complicated  Challenge 

Online  business  through  eCommerce,  corporate 
intranets,  partner-to-partner  transactions  on 
extranets  and  websites,  all  need  to  be  secured. 
Protecting  the  integrity  and  availability  of  intranet 
information  is  critical  to  all  organizations. 


Computer  Associates™ 


Unfortunately,  in  the  race  to  become 
Web-enabled,  security  has  taken  a  back  seat. 

IT  managers  often  give  themselves  a  false  sense 
of  security  with  a  standalone  or  partial  security 
solution.  They  forget  that  eCompanies  need  an 
integrated  and  comprehensive  security  solution 
that  provides  best-of-breed  functionality. 


eTrust  Enables  eBusiness 


eTrust™  provides  all  the  security  solutions  an 
eBusiness  needs: 

COMPREHENSIVE  —  From  the  browser  to  the 
mainframe,  ensuring  complete  security  in  today’s 
highly  complex  environments. 

BEST-OF-BREED  —  eTrust  solutions  offer 
best-of-breed  functionality  across  the  board. 
INTEGRATED —  All  eTrust  solutions  are 
designed  and  built  to  work  together  seamlessly. 
EASY  —  eTrust  solutions  are  easy  to  use, 
deploy,  and  administer,  ensuring  any  environment 
is  secured  quickly  and  correctly. 
MISSION-CRITICAL  —  eTrust  solutions  offer  the 
scalability,  depth, 


and  robustness 
fast-growing  and 
successful 
eBusinesses  need. 

eTPustlsOpen 
And  Extensible 

eTrust  allows  you 
to  leverage  exist¬ 
ing  investments  in 
security  solutions 
—  you  will  never 
have  to  start  over 
or  convert  anything. 


emist  Security 
Suite 

•  Access  Control 

•  Administration 

•  Single  Sign-On 

•  Firewall 

•  Content  Inspection 

•  Intrusion  Detection 

•  Policy  Compliance 

•  Audit 

•  Virtual  Private  Network 

•  Encryption 

•  Directory 

•  OCSPro 

•  Anti-Virus 


And  eTrust  can  be  implemented  one  function  at  a 
time  or  all  at  once  —  it’s  your  choice. 

And  since  eTrust  is  built  on  the  Unicenter  TNG® 
Framework^  it  lets  you  snap-in  other  eBusiness 
management  solutions  as  you  grow  and  your 
needs  change.  eTrust  is  built  on  a  standards- 
based,  open  infrastructure,  so  it's  always  easy 
to  plug  in  any  other  standards-compliant 
products  or  solutions. 


End-to-End  Security 


eTrust  includes  a  comprehensive  set  of  security 
solutions  that  enable  eBusiness  by  protecting 
current  investments  and  allowing  customers  to 
confidently  leverage  new  technologies.  eTrust 
offerings  enhance  return  on  opportunity  for  any 
eBusiness  through  security  solutions  including 
risk  assessment,  attack  detection,  loss  prevention 
and  powerful  management — all  critical  com- 
|J  ponents  of  a  comprehensive  security  solution 
for  a  successful  eBusiness. 
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<?Trust  Is  Trustworthy 

eTrust  is  not  only  backed  by  the  world’s  leading 
security  software  company,*  it  is  also  comple¬ 
mented  by  a  complete  set  of  outcome-based 
service  offerings.  CA  Services™  stands  ready 
to  make  sure  your  implementation  is  fast  and 
trouble-free. 

If  your  company  is  making  the  difficult  transition 
to  an  eBusiness,  you  owe  it  to  yourself  to  find 
out  more  about  the  security  solution  more 
eBusinesses  trust. 

For  more  information, 
call  1-800-377-5327,  or  visit 

ca.com  solulions  Enterprise  etrust 


eTrust 

Backed  By  The  #1  Security  Software  Company 

Assess  Manage  Protect  Detect  Enable 


©  2001  Computer  Associates  International,  Inc.  (CA).  All  trademarks,  trade  names,  service  marks,  and  logos  referenced  herein  belong  to  their  respective  companies.  ’According  to 
“Internet  Security  Software:  1999  Worldwide  Markets  &  Trends,"  by  IDC. 
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orte!  showing  signs  of  life  in  the  enterprise 


Though  all  has  been  quiet  on  the  Bay  Networks  front,  it  won’t  he  for  long;  new  switches  and  enhancements  are  on  deck. 


BY  JIM  DUFFY 

SANTA  CLARA  —  Just  when 
you  thought  it  was  safe  to 
write  off  Nortel  Networks  as 
an  enterprise  data  networking 
power,  the  company  is  show¬ 
ing  some  very  strong  signs 
of  life. 

Rumored  to  be  the  next 
major  vendor  to  surrender  the 
large  enterprise  stage  to  Cisco, 
Nortel  this  year  will  make 
some  significant  LAN  switch¬ 
ing  announcements  to  position 
itself  as  a  leader  in  delivering 
wire-speed,  policy-enabled  net¬ 


works.  The  company  is  also 
making  great  strides  in  gaining 
back  Ethernet  switching  mar¬ 
ket  share  and  surprised  Wall 
Street  analysts  with  16%  rev¬ 
enue  growth  in  its  enterprise 
business  between  the  fourth 
quarters  of  1999  and  2000. 

“We’re  not  getting  out  of  the 
enterprise,  we’re  not  pulling  a 
Lucent,”  says  Jim  Vogt,  presi¬ 
dent  of  Nortel’s  small  business 
solutions  group.  “This  is  a  two- 
horse  race.  The  only  two  that 
can  deliver  what’s  required 
over  the  next  five  years  are 
Cisco  and  Nortel.” 


In  the  face  of  Cisco’s  grow¬ 
ing  dominance  in  enterprise 
data  networking,  Lucent  spun 
off  its  enterprise  data  and 
voice  operations  into  a  sepa¬ 
rate  company  called  Avaya  last 
year.  Cabletron  split  itself  into 
four  separate  companies,  one 
of  which  is  focused  on  enter¬ 
prise  networks,  while  3Com 
resorted  to  more  drastic  mea¬ 
sures:  It  abruptly  exited  the 
large  enterprise  core  switch 
market,  alienating  and  embit¬ 
tering  scores  of  customers  in 
the  process. 

See  Nortel,  page  68 


Alive  and  kicking 

Nortel  outpaced  the  competition  almost  2-to-1  in  Ethernet  switch 
revenue  growth  between  03  and  Q4  last  year. 


+  39% 


+  22% 


Nortel  3Com 


+  21% 


Extreme 


SOURCE.  D  ELL'  0  R  0  GROUP 


Total  Q4  market  =  $3.8  billion 


+ 18% 

+  2% 

Cisco  Cabletron 


Foundry 


Users  to  IBM:  Beef  up  e-commerce  and  security  wares 


BY  KATHLEEN  OHLSON 

LONG  BEACH,  CALIF.  —  Big 
Blue’s  largest  users  have  spo¬ 
ken:  They  want  IBM  to 
improve  its  e-commerce  wares 
and  security  features. 

These  were  just  the  top  two 
issues  that  surfaced  in  a  survey 
by  Share,  a  large  IBM  user 
group. The  study,  “Strategic  con¬ 
cerns  of  the  members  of  Share,” 
also  pointed  to  a  need  for  easier 
ways  to  share  data  over  dis¬ 
parate  platforms,  as  well  as  bet¬ 
ter  methods  for  enterprise 
application  integration  and  stor¬ 
age  management  (see  graphic). 

The  volunteer  group,  estab¬ 
lished  in  1955,  issues  the  annual 
survey  to  its  roughly  2,000 
members,  who  represent  large 
companies  and  educational 
institutions.  Share,  which  held 
its  biannual  meeting  last  week, 


1 .  Internet  presence/e-commerce 

2.  Security  authentication 

3.  OS/390  directions  and  products 

4.  Data  sharing  across  disparate 
platforms 

5.  Mainframes  and  enterprise  servers 

SOURCE:  SHARE 


then  turns  over  the  survey 
results  to  IBM  to  assist  the  com¬ 
pany’s  product  plans. 

As  for  e-commerce,  the  Share 
study  says  users  are  looking  to 
IBM  to  help  them  integrate 
business  processes  and  underly¬ 
ing  applications.  But  IBM  must 
also  help  users  extend  those 
processes  to  partners,  suppliers 
and  customers  securely  and  reli¬ 
ably  around  the  clock  and 
around  the  world. 

Brian  Jeffery,  a  consultant 
at  International  Technology 
Group  in  Pittsburgh,  says  cen¬ 
tralizing  and  consolidating 
e-business  infrastructures  will 
be  the  primary  focus  —  and  a 
major  problem  —  for  end 
users  in  the  next  year. 

“The  absolute  overriding 
issue  for  companies  is  central¬ 
ization,  and  companies  are 
groping  back  to  find  the  right 


6.  Enterprise  application  integration 

7.  Systems  management 

8.  Data  storage  management 

9.  Web  data  warehouse/data 
warehousing 

10.  Network  management/ 
networking  management  tools 


balance”  for  their  systems,  Jef¬ 
fery  says.  “The  problem  every¬ 
body  has  is  that  nobody 
planned  on  a  world  in  which 
[computers]  must  talk  to  every¬ 
thing  else,  and  now  we’re  deal¬ 
ing  with  .  .  .  integration  after  a 
couple  of  decades  of  not  deal¬ 
ing  with  the  issue,”  he  says. 


BY  DENISE  PAPPALARDO 

BEDMINSTER,  N.J.  —  AT&T’s 
sale  last  week  of  cable  and 
international  network  assets 
may  bode  well  for  the  carrier’s 
bottom  line,  but  analysts  say 
AT&T  will  have  to  dump  more 
assets  to  get  back  on  track. 

AT&T  announced  it  was 
selling  cable  network  assets 
and  off-loading  a  telecom¬ 
munications  investment  in 
Japan  to  bring  in  $4.61  bil¬ 
lion.  AT&T  plans  to  use  these 
funds  to  reduce  its  $61  billion 
debt,  which  is  threatening  the 
company’s  credit  rating,  says 
Dave  Patton,  director  of 
consulting  at  research  firm 
TeleChoice. 

If  the  company’s  credit  rat¬ 
ing  is  lowered,  it  may  become 
more  difficult  for  AT&T  to 
secure  money  needed  to 
finance  expanded  networks 
supporting  new  services. 


That  thinking  changed  as 
companies  rushed  to  bring  their 
businesses  online  and  realized 
their  Web  operations  needed  to 
be  tied  with  their  back-end 
systems. 

“This  is  the  morning  after 
e-business,  and  we’re  now  in  a 
world  where  companies  need 


An  AT&T  spokesman  says 
the  cable  sales  will  not  nega¬ 
tively  affect  the  company’s 
broadband  business  service 
plans.  Currently,  AT&T  Broad¬ 
band  offers  cable  modem 
Internet  access  service  to  busi¬ 
nesses  in  five  markets. 

AT&T,  which  has  spent 
nearly  $100  billion  on  cable 
networks  during  the  past  few 
years,  says  the  cable  assets  it  is 
selling  off  are  in  markets 
where  it  did  not  have  a  huge 
customer  base.  AT&T  has  been 
trying  to  cluster  cable  net¬ 
work  assets  and  customers 
based  on  geography. 

AT&T  is  selling  networks  in 
Georgia,  Illinois,  Iowa  and  Mis¬ 
souri  to  Mediacom  Communi¬ 
cations  for  $2.22  billion.  In  a 
separate  deal,  AT&T  is  unload¬ 
ing  cable  assets  in  Alabama, 
California,  Missouri  and  Neva¬ 
da  to  Charter  Communica¬ 
tions  in  exchange  for  cable 


to  ask  what  they  need  to  do 
next  to  compete  over  the 
next  three  years,  the  next  five 
years,”  Jeffery  says. 

IBM  has  addressed  some 
issues  by  upgrading  its  flagship 
e-commerce  software,  Web¬ 
Sphere.  For  example,  the  new 
See  Share,  page  12 


networks  in  Florida,  $500  mil¬ 
lion  in  stock  and  $1.04  billion 
in  cash. 

AT&T  is  also  selling  the 
10%  interest  in  Japan  Telecom 
it  shares  with  AT&T  Wireless 
to  Vodafone  for  $1.35  billion. 
That’s  about  twice  what 
AT&T  paid  for  the  share  in 
August  1999. 

AT&T  Wireless  was  required 
to  sell  its  5%  interest  based  on 
a  deal  it  announced  last  year 
with  NTT  DoCoMo,  under 
which  AT&T  Wireless  cus¬ 
tomers  could  benefit  (www.nw 
fusion.com,  DocFinder:  3254). 
The  deal  could  result  in  AT&T 
Wireless  expanding  its  overseas 
network  coverage  and  develop¬ 
ing  advanced  services. 

The  sales  come  at  a  time 
when  AT&T  needs  the  cash. 

“WorldCom  and  Lucent’s 
credit  ratings  were  recently 
reduced  and  AT&T  is  trying  to 
See  AT&T,  page  66 


Top  10  concerns  of  IBM  users 

The  IBM  user  group  Share  recently  published  a  survey  ranking 
the  top  concerns  of  its  members  for  2000.  Out  of  1,972  surveys 
sent  out,  506  members  responded.  The  top  concerns  are: 


AT&T  sheds  cable,  international  assets 
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82%  of  desktops 
wifi  be  running  fast 
ethetnet  by  2002. 


intellpro  gigabit 
adapters  will  help 
your  servers  keep 
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reduce  server  bottlenecks  without  replacing  your  existing  cat-5  copper  wire  in 

inter  pro/1000  t  server  adapters  help  you  take  full  advantage  of  your  fi 
investment,  simply  install  as  many  as  eight  and  configure  for  adaptive  load  bal 
you  have  redundant  network  connections  and  consistently  high  server  thrc 
to  mention  enough  bandwidth  to  maximize  your  upgraded  network,  this  is  jus 
many  new  ways  intel  adapters  are  solving  problems  you  never  thought  ad< 
solve,  make  sure  you  specify  intel  adapters,  because  in  the  surge  economy,  what 

frastructure. 
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lancing,  now  1 
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ipters  could  1 
slows  down 

your  network,  slows  down  your  business,  (the  intelligent  way  to  connect  -♦  intel. co 
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News 


Cisco, 

continued  from  page  1 

Point]  VPN-1  firewalls.  1  can’t 
even  imagine  expanding  my 
VPN  without  a  tool  like  this,” 
says  John  Shelest,  senior  net¬ 
work  security  engineer  for 
Equity  Residential  Properties  in 
Chicago. 

Cisco’s  hoping  its  users  can’t 
either.  VMS  provides  a  Web- 


olding  that  are  necessary  to  get 
an  accurate  indication  of  the 
success  of  your  VPN  network,” 
says  Paul  Forbes,  network  engi¬ 
neer  at  Trimble  Navigation  in 
Sunnyvale,  Calif.  “The  next  step 
would  be  to  try  and  drive  the 
management  of  the  tunnels 
through  a  single  configuration 
interface.  Trying  to  come  up 
with  a  technology  to  allow 
users  to  configure  a  VPN  regard- 


Check  Points  management  'dashboard' 

Next  Generation  Management  software  from  Check  Point  gives 
network  administrators  multiple  tools  on  one  screen. 


Policy  editor  for  configuring 
security  elements. 
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Object  tree  of 
network  security 
devices. 
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Visual  policy  editor 
depicts  current  policies. 


based  interface  for  monitoring 
VPNs  and  an  application  for 
configuring  and  monitoring 
firewall  security. 

VMS  supports  the  following 
Cisco  products:  VPN  3000  Con¬ 
centrator;  7100  and  7200  series 
routers  running  Cisco  IOS  Ver¬ 
sion  12.  l(5a)E  or  later;  PEX  Fire¬ 
wall;  and  Intrusion  Detection 
Sensor  devices. 

VMS  monitors  and  trouble¬ 
shoots  common  VPN  protocols, 
such  as  IP  Security  (IPSec), 
Internet  Key  Exchange  (IKE), 
Layer  2  Tunneling  Protocol 
(L2TP)  and  Point-to-Point  Tun¬ 
neling  Protocol  (PPTP).  The 
suite  includes  CiscoWorks2000 
Resource  Manager  Essentials 
3-2,  which  provides  basic  syslog 
and  configuration  reporting, 
and  software  and  inventory 
management  for  VPN  devices. 

The  bundle  also  includes 
VPN  Monitor  1 .0,  for  monitor¬ 
ing  of  IPSec,  IKE,  L2TP  and 
PPTP  protocols;  and  Cisco 
Secure  Policy  Manager  (CSPM) 
2.2  for  configuration  and  moni¬ 
toring  of  firewall  security. 

Users  say  VMS  is  just  a  first 
step  toward  integrated,  compre¬ 
hensive  VPN  and  firewall  man¬ 
agement  and  that  Cisco  needs 
to  go  a  bit  further. 

“It’s  very  proficient  in  giving 
people  the  statistics  and  thresh- 


less  of  device  across  the  entire 
product  range  is  going  to  be 
something  I  certainly  desire.” 

Other  users  say  they  don’t 
need  VMS;  a  stand-alone  version 
of  CSPM  works  fine. 

“We  use  the  Cisco  policy 
management  stuff  for  configu¬ 
ration  of  firewalls,  for  logging 
capability,  for  building  VPNs, 
installing  digital  certificates 
onto  VPNs,  that  type  of  stuff,” 
says  Phil  Ruenhorst,  director  of 
ChimeNet  in  Wallingford,  Conn. 
“We  can  dynamically  see  and 
build  VPNs  from  a  central  spot 
with  policy  management.” 

VMS  costs  $8,000  and  is 
available  now. 

Check  Point’s  Next  Genera¬ 
tion  Management  software  also 
uses  policies  to  manage  larger 
VPNs  in  less  time.  Currently, 
when  administrators  make 
changes  or  updates,  they  send 
them  to  one  device  at  a  time. 

“The  Next  Generation  Man¬ 
agement  checks  if  the  VPN 
clients  have  the  right  configu¬ 
ration  according  to  the  secur¬ 
ity  policies,  and  if  not  it  will 
send  them,”  Shelest  says,  refer¬ 
ring  to  a  new  feature  called 
SecureUpdate. 

He  says  the  software  also 
offers  a  high-availability  feature 
that  directs  remote  VPN  users  to 
a  different  gateway  if  the  pri- 


Verio  adds  0racle8i 
database  to  ASP  offerings 


ntary  one  is  inaccessible.  For 
example,  if  the  Internet  connec¬ 
tion  to  the  Chicago  office  were 
to  go  down,  remote  machines 
would  automatically  seek  out 
the  Scottsdale,  Ariz.,  VPN  gate¬ 
way  without  the  remote  user 
having  to  do  anything. 

Similarly,  more  than  one  man¬ 
agement  station  can  control  the 
same  device.  So  a  firm  with 
headquarters  in  New  York  and 
Los  Angeles  could  manage  its 
VPN  from  New  York  and  hand 
off  those  responsibilities  to  Los 
Angeles  after  East  Coast  busi¬ 
ness  hours,  Check  Point  says. 

“This  makes  Check  Point  sig¬ 
nificantly  better  in  managing 
their  policies.  It’s  very  central¬ 
ized  and  very  scalable,”  says 
Todd  Miller,  an  analyst  with  The 
Yankee  Group. 

Other  new  Check  Point  fea¬ 
tures  include: 

•  System  Status  View,  a  man¬ 
agement  window  that  shows 
the  status  of  security  devices 
such  as  intrusion  detection 
servers. 

•  Administrator  Auditing  for 
tracking  which  administrators 
have  made  what  changes  to 
VPN  policies. 

•  Account  Management, 
which  integrates  management 
of  security  devices  using  data 
stored  in  directories. 

Check  Point  says  it  will 
announce  next  month  a  new 
version  of  its  VPN-1  client  that 
accepts  customized  policies. 
Currently,  these  clients  could  be 
configured  with  one  of  four 
predefined  policies.  3 

Get  more  information  online. 
DocFinder:  3256 
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BY  JENNIFER  MEARS 

ENGLEWOOD,  COLO.  — 
Responding  to  the  growing 
demand  for  managed  services 
from  small  to  midsize  compa¬ 
nies,  Web  hosting  firm  Verio 
announced  last  week  it  will 
offer  the  Oracle8i  database  on  a 
monthly  subscription  basis. 

The  service  will  give  users 
the  benefit  of  a  high-end  data¬ 
base  without  the  steep 
upfront  costs,  Verio  says. 
While  costs  of  licensing  the 
Oracle  8i  database  vary,  most 
smaller  companies  probably 
couldn’t  afford  the  hardware 
and  personnel  associated 
with  running  the  database  in- 
house,  says  Chris  Sedlacek, 
Verio  vice  president  of  appli¬ 
cations  product  management. 

The  relational  database  will 
be  hosted  on  dedicated  and 
shared  servers  in  Verio  data 
centers.  The  hosted  Oracle8i 
product  can  be  purchased  as  a 
stand-alone  service  and  does 
not  have  to  be  part  of  a  Web 
hosting  package,  the  company 
says.  It  can  be  hosted  on  Verio’s 
proprietary  shared  servers  or 
on  Sun  Solaris  servers  in  a  dedi¬ 
cated  environment. 

“We  see  that  businesses’Web 
presence  are  going  to  get  more 
complex  and  they’ll  need  to  do 
more  things  in  order  to  be  suc¬ 
cessful,”  Sedlacek  says.  Market 
research  firm  IDC  expects  the 


Web  hosting  market  to  balloon 
in  the  next  few  years,  growing 
from  about  $4  billion  in  2000  to 
more  than  $24  billion  in  2004. 
Much  of  that  revenue  will  come 
from  fully  managed  services, 
analysts  say. 

The  database  offering  adds 
to  the  managed  services  sup¬ 
ported  by  Verio,  a  firm  that  until 
recently  focused  primarily  on 
collocation  for  small  and  mid¬ 
size  companies.  Sedlacek  says 
Verio  chose  the  Oracle8i  data¬ 
base  because  of  its  strength  in 
e-commerce  and  Internet-based 
transaction  processing. 

Pricing  starts  at  $250  per 
month,  with  a  $250  setup  fee, 
for  a  standard  Oracle8i  database 
on  a  shared  server  and  10  con¬ 
current  connections. 

The  shared  server  price 
includes  back-up,  recovery  and 
monitoring  services.The  cost  of 
running  the  database  on  a  dedi¬ 
cated  server  starts  at  $4,200  per 
month,  with  a  $3,200  start-up 
fee.  Managed  services  are  not 
yet  available  in  the  dedicated 
environment. 

Verio:  www.verio.com;  Ora¬ 
cle:  www.oracle.com 
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version  of  WebSphere  Com¬ 
merce  Suite  features  region- 
specific  sales  tax  and  shipping 
rules,  customized  product  cat¬ 
alogs  and  localized  payment 
functions,  taking  aim  at  e-busi- 
nesses  and  business-to-busi- 
ness  marketplaces.  The  com¬ 
pany  also  recently  shifted  the 
bulk  of  its  $650  million  annual 
advertising  budget  to  focus 
on  helping  users  build  e-busi¬ 
ness  infrastructure,  which 
consists  of  computers,  soft¬ 
ware  and  services. 

E-commerce  issues  aside, 
the  survey  also  showed  that 
security  worries  were  also 
high  on  the  list. 

Donald  Davis,  an  IT  specialist 


for  the  state  of  California  in 
Sacramento,  says  intrusion 
detection  will  be  one  of  his  pri¬ 
mary  concerns. 

“Right  now,  intrusion  detec¬ 
tion  is  very  ambiguous  about 
what  it  does  and  how  it  should 
work,”  Davis  says.  For  example, 
IT  staffs  must  acquire  separate 
tools  for  managing  alerts  and 
raw  data.  As  a  result,  security 
staffers  have  a  difficult  time 
tracking  the  data  because  of  the 
large  amount  of  information 
that’s  collected. 

Share  says  traditional  access 
control  mechanisms,  while  still 
important,  are  no  longer  suf¬ 
ficient.  Organizations  must 
define  and  implement  enter¬ 
prisewide  security  that  encom¬ 
passes  user  authentication, 
role-based  user  access,  firewall 


deployment  and  administra¬ 
tion,  server-to-server  authenti¬ 
cation,  data  privacy  and  data 
integrity. 

IBM  has  been  bolstering  its 
security  wares  via  improve¬ 
ments  to  its  Tivoli  Secure  Way 
Security  Manager.  SecureWay 
provides  a  role-based,  central¬ 
ized  mechanism  for  managing 
and  implementing  access-con¬ 
trol  policies  from  the  LAN  to 
the  mainframe,  IBM  says.  For 
example,  Tivoli  not  long  ago 
upgraded  SecureWay  Policy 
Director  software  to  handle 
PDAs  and  other  handhelds.  Pol¬ 
icy  Director  software  lets  IS 
staff  centrally  manage  the 
authentication  of  end  users 
and  ensure  only  the  appropri¬ 
ate  network  resources  are 
accessible  to  them.  3 
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competitive  local  exchange  car¬ 
riers  (CLEC)  call  SBC’s  effort 
virtually  invisible. 

For  its  part,  Verizon  has  actu¬ 
ally  pulled  back  competitive 
offers  against  SBC’s  Pacific  Bell 
unit,  while  BellSouth  readily 
concedes  a  lack  of  CLEC  efforts. 
Qwest  Communications’  plans 
are  just  beginning  to  take  shape. 

But  SBC’s  promises  were 
the  flashiest  —  a  plan  to  enter 
30  new  markets  in  exchange 
for  buying  Ameritech  in  1999. 
And  because  SBC  has  since 
been  fined  millions  of  dollars 
by  state  and  federal  regulators 
for  declining  performance  in 
the  Ameritech  region,  users 
are  looking  hardest  at  SBC  to 
provide  a  silver  lining.  They’d 
like  to  see  the  carrier  offer  ser¬ 
vices  that  challenge  other 
dominant  carriers. 

So  far,  they’re  not  finding 
such  competition,  hi  New  York 
and  Long  Island,  where  SBC 
says  it  turned  up  CLEC  service 
against  Verizon  late  last  year, 
large  companies  with  sister 
offices  in  SBC’s  native  territo¬ 
ries  —  exactly  the  type  of  busi¬ 
nesses  the  carrier  said  it  would 
go  after  —  remain  unaware  of 
SBC’s  market  entry. 

“Gee,  they  haven’t  made  that 
very  well-known,”  says  George 
Sullivan,  senior  network  archi¬ 
tect  for  Logicon,  the  IT  services 
subsidiary  of  Northrop  Grum¬ 
man  in  Bethpage,  N.Y.  “I  have  a 
very  keen  ear  for  the  Long 
Island  market,  and  I  haven’t 
heard  squat.” 

In  Boston,  which  SBC  says  it 
entered  in  October,  competitors 


This  week's  question: 

_ _ _ _ 

Which  Cabletron 
spinoff  in  February 
braved  the  rough  IPO 
waters  to  go  public? 


are  likewise  mystified.  AT&T 
Sales  Vice  President  Rick  Freidel 
says  he’s  seen  SBC  in  only  one 
bid  for  local  service,  and  that 
was  for  a  customer  spending 
less  than  $5,000  per  month. 

Users  and  carriers  are  even 
more  perplexed  in  Baltimore 
and  Washington,  D.C.,  where 
SBC  announced  it  would  begin 


service  last  November,  then 
delayed  switch  turn-up  several 
times.  Now  the  carrier  lists  both 
cities  on  its  Web  site  under  a 
grab-bag  category  of  19  markets 
due  “before  June  2002”  —  four 
months  before  the  SBC/  Ameri¬ 
tech  merger  conditions  expire. 
Meanwhile,  SBC’s  sales  center  is 
telling  callers  that  service 
begins  this  summer. 

Yet  SBC  deployed  a  sales- 
force  last  fall  in  Maryland  and 
Virginia,  causing  consternation 
when  representatives  had  to 
pull  back  installation  dates. 

Baltimore  Gas  &  Electric  got 
pitched  by  SBC  on  a  competi¬ 
tive  bid  for  several  Primary 
Rate  Interface  circuits,  says 
BGE  telecom  official  Jim  Kane. 
But  he  dropped  SBC  from  con¬ 
sideration  after  switch  turn-up 
was  put  off. 

SBC  spokeswoman  Wendy 
Flanagan  says  the  delays  relate 
to  a  strategy  shift  revealed  in  a 
Dec.  19,  2000  alert  from  SBC’s 
investor  relations  group.  The 
alert  notes  that  within  some  of 
SBC’s  native  states,  govern¬ 
ment  approval  for  long¬ 
distance  authority  is  coming 
slower  than  expected.  SBC 
decided  to  pull  back  some  new 
markets  by  an  average  of  six 
months  “to  better  synchronize 


timing  with  [in-region]  long¬ 
distance  approvals.” 

Yet  SBC  appears  to  have 
skimped  on  key  opportunities 
even  where  it  went  ahead  on 
schedule.  In  some  of  SBC’s  new 
target  markets,  the  federal  gov¬ 
ernment  is  awarding  CLEC  con¬ 
tracts  under  its  Metropolitan 
Area  Acquisition  (MAA)  pro¬ 


gram.  SBC  won  a  share  of  the 
Boston  MAA  contract,  but 
according  to  federal  officials, 
did  not  bid  for  the  MAA  awards 
in  Philadelphia  and  Atlanta  — 
two  other  cities  where  SBC  has 
begun  operations. 

Even  in  Boston,  SBC  has  not 
actually  begun  service  to  any 
federal  building,  says  one  federal 
contract  administrator.  “We  have 
a  little  issue  going  on  with  them 
right  now,”  says  the  federal  offi¬ 
cial,  declining  to  elaborate. 

Other  users  may  be  cold  to 
SBC’s  offer  even  if  they  do  get 
pitched.  Larry  Sanderson,  vice 
president  of  telecommunica¬ 
tions  for  Computer  Services, 
Inc.  (CSI),  a  bank  processing 
firm  in  Paducah,  Ky.,  spends 
about  $500,000  per  year  with 
Ameritech,  mostly  for  56K 
bit/sec  andT-1  circuits  into  bank 
clients. Yet  SBC  hasn’t  contacted 
Sanderson  for  service  at  CSI’s 
locations  in  Denver  and  other 
recently  turned-up  SBC  markets. 

Sanderson  likes  the  idea  of  a 
regional  Bell  operating  compa¬ 
ny  going  out  of  region,  but  says, 
“I  would  be  interested  in  doing 
that  with  some  other  RBOCs, 
not  SBC.”  Especially  in  Ameri¬ 
tech  states,  where  he  says,  “they 
have  a  very  hard  time  meeting 
their  installation  dates.  They 


don’t  even  tell  you  until  the  last 
minute,  and  then  they  can’t  tell 
you  what  date  they  can  meet.” 

Despite  concern  about  SBC’s 
CLEC  rollout,  the  company  is 
not  in  danger  of  missing  federal 
merger  requirements.  Next 
month  SBC  reaches  the  halfway 
point  of  the  three-year  merger- 
conditions  period,  but  by  then 
the  carrier  is  only  required  to 
have  placed  a  switch  and 
installed  three  customers  in 
each  of  its  15  markets,  under  its 
deal  with  the  Federal  Commu¬ 
nications  Commission. 

Some  analysts  defend  SBC’s 
market-timing  pullback,  noting 
a  general  retrenchment  among 
CLECs.  That  also  appears  to  be 
the  case  with  Verizon,  which  is 
obligated  to  spend  $500  million 
on  CLEC  operations  under  its 
Bell  Atlantic/GTE  merger  deal. 

In  December  Verizon  told 
670,000  customers,  including 
many  of  whom  had  switched 
local  service  from  Pacific  Bell, 
that  it  was  ending  a  bundled 
local/long-distance  service  origi¬ 
nated  by  GTE.  Verizon  spokes¬ 
man  Jim  Smith  says  Verizon 
executives  soured  on  plain  old 
telephone  service  bundles  and 
decided  to  start  fresh  with  a 
CLEC  strategy  centered  around 
in-building  DSL  installations  and 
acquisitions. 

But  Qwest,  the  successor  to 
US  West,  says  it  has  begun  busi¬ 
ness  DSL  service  as  a  CLEC  in 
major  California  and  Texas  mar¬ 
kets,  plus  Baltimore,  Washing¬ 
ton,  D.C.,  and,  starting  last 
week,  Boston. 

Augie  Cruciotti,  Qwest’s 
executive  vice  president  for 
local  networks,  says  Qwest  is 
best-positioned  to  become  a 
CLEC  because  it  started  as  a 
national  carrier  and  already 
has  points  of  presence  in  its  tar¬ 
geted  markets. 

In  a  dig  at  SBC  and  Verizon, 
Cruciotti  adds:  “This  isn’t  a  shell 
game.  This  isn’t  a  merger 
requirement  that  somebody 
made  us  do  and  we’re  going  to 
do  as  little  as  possible.” 

BellSouth,  which  hasn’t 
merged  with  anybody  and  has 
no  merger  conditions,  isn’t 
bothering  to  claim  any  big 
plans.  Spokesman  Bill  Mc- 
Closkey  says  BellSouth  has 
CLEC  licenses  for  some  adjacent 
territories,  but  “in  most  cases 
we’re  not  doing  anything  with 
them.”  □ 

Get  more  information  online. 
DocFinden  3257 

nw  fusion 


Long  march  to  national  competition 

Milestones  on  the  way  to  SBC's  National/Local  Strategy: 

May  1998  SBC  announces  Ameritech  merger  and  entry  into  30  out- 
of-region  markets. 

October  1999  SBC/Ameritech  merger  approved  with  requirement  to  enter 
30  new  markets. 


June  2000 

SBC  announces  national 

www.nwfusion.com 

supply  agreements  with 
Lucent,  MFN  and  Williams 
Communications. 

SBC’s 

October  2000 

SBC  enters  first  out-of¬ 
region  markets  in  Boston, 
Miami  and  Seattle. 

DELAYED 

ROLLOUT 

December  2000  SBC  investor  relations  brief 
reveals  average  six-month 
delay  in  market  entry. 

Find  out  which 
out-of-region  metro 
markets  SBC  has 
entered  so  far  —  and 
which  it  has  not. 
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April  2001 

Merger  conditions  require 
entry  into  15  cities  with  at 
least  three  customers  in 
each. 

October  2002 

Merger  conditions  expire. 
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News 


Microsoft  users  keep  eyes  on  networks,  not  courtroom 


BY  JOHN  FONTANA 


Appeals  Court  blasts 
Judge  Thomas 
Penfield  Jackson's 
public  comments  on 
Microsoft  trial. 


WASHINGTON,  D  C.  —  As  Microsoft 
was  arguing  for  its  life  last  week  in  a 
federal  courtroom,  the  software  giant’s 
customers  were  going  about  business 
as  usual. 

Given  that  the  3-year-old  case  could 
drag  on  for  another  year  or  two,  most  IT 
executives  are  forging  ahead  on  their 
strategies  involving  Microsoft  software. 

“We  are  not  changing  course.  Our 
strategy  has  not  changed  with  regard 
to  Microsoft,”  says  George  Graves, 
chief  technologist  for  QVC,  the  cable 

television 
channel  with 
more  than  $3 
billion  in  an¬ 
nual  sales.  “The 
case  is  back¬ 
ground  noise. 
If  anything, 
now  we  don’t 
feel  any  pres¬ 
sure  to  go 
to  Windows 
2000.  In  eval¬ 
uating  our 
upgrade  cycle, 
we’re  more 
concerned 
with  licensing 

costs,  which  seem  to  be  going  up.” 

Others  voiced  the  same  sentiments. 

“No  matter  the  outcome,  it  won’t 
affect  us  in  any  way,’’  says  Larry  Fillmore, 
network  manager  for  the  Naval  Air  Sta¬ 
tion  in  Brunswick,  Maine. “If  [Microsoft  is 
forced  to]  split,  we  ll  just  buy  from  each 
of  the  two  sides.” 

A  pair  of  studies  released  last  week 
by  IDC  bear  out  that  enterprise  cus¬ 
tomers  continue  to  gobble  up  Micro¬ 
soft’s  desktop  and  server  systems.  The 
studies  show  Windows  accounted  for 
41%  of  server  operating  system  ship¬ 
ments  in  2000  and  an  overwhelming 
92%  of  shipments  on  the  client  side. 
Microsoft’s  server  shipments  jumped 
20%  in  2000  to  2.5  million.  Only  Linux, 
with  24%,  had  a  higher  percentage 
growth. 

In  addition  to  operating  system  gains, 
Microsoft  is  keeping  users  interested 
with  developments  in  other  areas. 

“They  have  done  a  lot  of  good  work 
with  [Simple  Object  Access  Protocol] 
and  are  far  out  in  front,”  says  Eric  Han¬ 
cock,  a  software  developer  with  Home 
Box  Office  in  New  York.  SOAP  is  based 
on  XML  and  provides  a  standard  way 
to  send  remote  procedure  calls  over 
the  Web. 

Hancock  says  the  trial  confirms  what 
he  has  known  all  along  about 
Microsoft’s  aggressive  tactics.  “The  trial 
is  bad  PR  more  than  anything.The  battle 
over  the  browser  has  been  won.” 

Microsoft  hopes  that  isn’t  the  only 


victory.  Last  week  during  oral  argu¬ 
ments,  seven  justices  in  the  U.S.  Court  of 
Appeals  for  the  District  of  Columbia  Cir¬ 
cuit  expressed  skepticism  over  a  lower 


court’s  ruling  that  Microsoft  illegally 
maintained  a  monopoly  in  the  operating 
system  market.  Observers  now  ques¬ 
tion  whether  an  order  to  break  up  the 


company  issued  last  year  by  Judge 
Thomas  Penfield  Jackson,  who  also  was 
blasted  for  post-trial  comments  about 
Microsoft,  will  survive  the  appeal.  S 
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The  Verilink  WANsuite™  CSU/DSU. 

Full  connection  statistics  and  reporting  from  anywhere,  anytime. 


Most  CSU/DSUs  do  little  more  than  terminate  a  connection. 
That’s  only  the  beginning  of  what  you  can  do  with 
WANsuite  devices  from  Verilink.  They  give  you  powerful 
reporting  capabilities,  both  historical  and  real-time,  and 
display  the  information  graphically  in  a  web  browser.  So 
you  can  monitor  SLAs,  isolate  problems,  and 
engineer  your  network  to  optimize  performance. 

WANsuite  devices  cost  about  what  you’d  pay 
for  a  simple,  single-connection  CSU/DSU.  Yet 
they  support  any  combination  of  full/ 
fractional  Tl,  full/fractional  El,  DDS 


and  DSL,  for  private-line  or  packet-based  networks.  And 
add  the  functionality  of  a  WAN  probe,  frame-relay  transport 
device,  and  a  border  router  with  packet  filtering. 

So  don’t  settle  for  a  dumb  box.  Get  wise  to  your  network’s 
performance  with  WANsuite.  Ask  for  more  information  - 

including  an  independent  evaluation  of  CSU/DSUs. 

Visit  us  at  www.vcrilink.com/wansuite 
or  call  1-866-665-1515. 
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Digital  Networks  is  built  upon  a  25  year  history  delivering 
solid  and  reliable  Digital-branded  networking  products 


1  of  rebuilding 

-  Exceptional  features,  dear's/ ISN™  Management 
and  a  lifetime  warranty 

Access  Servers 

-  Best  device  connectivity  in  the  industry 

-  Console  Port  Concentration,  PCS  and  Building  Automation 


Digital  Networks  -  exclusive  source  for  the  top  selling 
Di  g  ita  I  -bra  nded  products : 

MultiSwitch™  900,  GIGAswitchr7FDDI,  VNswitCh™  900, 

DEC  hub™  90,  DECserver™,  c/eaA/ISN™  Device  Management 


FREE  clears  ISN  CD 


To  get  your  copy  go  to  www.dnpg.com 
or  call  1.877.341.9594  (u.s.)  1.978.684.1258  (outside  u.s.) 
(Limited  Time  Offer) 


Digital  Networks  is  the  trade  name  of  DNPG,  LLC,  and  is  not  affiliated  with  Compaq  Computer  corporation. 

DIGITAL,  the  Digital  logo,  and  DEC  are  used  under  license  from  Compaq  Computer  Corporation. 

Ml  i  ther  product  names  mentioned  herein  may  be  trademarks  or  registered  trademarks  of  their  respective  companies. 
Dopyright  ©  2001  DNPG,  LLC.  All  Rights  Reserved. 
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Mich  Kabay,  Ph.D.,  is 
security  leader  at 
INFOSEC  Group, 
AtomicTangerine,  Inc., 
San  Francisco.  He  will 
be  the  seminar  leader 
in  the  upcoming,  day¬ 
long  Network  World 
Tech  Update,  "The 
Changing  Face  of 
Information  Security" 
(www.networkworld.com/ 
seminars/security);  call 

800-643-4668 

for  reservations,  held  in 
eight  North  American 
cities  starting  May  15. 
See  his  Q&A  on  page  12. 
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Security  M 


Information  security  has  reached  the  big  time. 

just  a  few  years  ago,  DNS  server  misconfigura- 
tion  and  denial-of-service  attacks  were  esoteric  issues 
discussed  solely  by  nerds. Today,  reports  about  the  vul¬ 
nerabilities  and  attacks  experienced  by  firms  such  as 
eBay,  Amazon  and  Microsoft  appear  in  the  business 
(vs.  technology)  section  of  newspapers. 

But  when  the  press  popularizes  technology,  funda¬ 
mentals  too  often  get  ignored  or  garbled.  Security,  for 
example,  is  often  discussed  by  journalists  and  novices 
(and  always  by  criminal  hackers)  as  if  it  concerns  sole¬ 
ly  data  confidentiality.  Occasionally  someone  remem¬ 
bers  integrity  and  availability,  but  that  C-I-A  model  is 
about  as  far  as  it  goes.  A  better  model  is  the  Parkerian 
Hexad,  which  identifies  six  atomic  and  complete 
components  of  security:  confidentiality,  possession  or 
control,  integrity,  authenticity,  availability  and  utility. 

Also,  the  longstanding  view  that  security  is  merely 
loss  avoidance  makes  it  difficult  to  motivate  many 
organizations,  since  loss  avoidance  is  boring,  difficult 
or  impossible  to  evaluate.  Security  is  particularly  vul¬ 
nerable  to  criticism  when  there  are  no  (detected) 
attacks.  Management  may  want  to  know  why  they  are 
spending  so  much  on  security.  Or  why,  if  security  is  so 
good,  does  the  organization  need  a  bigger  budget  for 
security?  Or  how  can  they  be  sure  the  lack  of  attacks 
isn’t  due  to  luck  rather  than  security?  Worse,  manage¬ 
ment  might  then  conclude  that  no  further  attention  to 
security  is  necessary. 

This  attitude  is  gradually  changing,  however.  More 
and  more  companies,  especially  those  involved  in  e- 
commerce,  realize  that  security  is  a  critical  element  of 
marketing  strategy.  Worries  about  information  priva¬ 
cy  have  reached  almost  universal  levels;  every  study 
confirms  that  most  of  the  holdouts  against  online 
shopping  are  concerned  about  the  security  of  their 
transactions  and  financial  information.  Good  security 
is  a  legitimate  and  important  part  of  the  marketing 
function.  Rather  than  simply  protecting  against  some 
hypothetical  future  damages,  security  now  con¬ 
tributes  to  the  bottom  line.  Security  matters  today. 


Follow  the  (Smart)  Money 
Organizations  need  to  guard  against  security  breach¬ 
es,  while  considering  the  impact  on  performance.  See 
where  the  smart  security  money  is  going  in  the  effort 
to  balance  those  needs. 

BY  FRANK  HENDERSON 

A  Black  Belt  in  Network  Security 
Sud-Chemie's  defense  starts  with  a  software  firewall 
and  includes  proper  configuration  and  a  Web-based 
VPN;  directory-based  authentication  and  a  SAN  are 
next. 

BY  DOUG  BARNEY 

The  Internet  Changes  Everything— 

Especially  Security 

Security  expert  Mich  Kabay  on  protecting 

enterprise  data. 

Security  Myths  and  Realities 

Reducing  your  company's  risk  exposure  requires  much 

more  than  just  a  firewall  and  a  prayer. 

BY  LENNY  UEBMANN 

Front  Line  of  Defense 

Firewalls,  a  good  deterrent  against  hackers,  can  be 
implemented  as  software,  hardware,  or  as  a  combina¬ 
tion  hardware-software  appliance. 

BY  ALAN  RADDING 

Beating  Back  New  Age  Viruses 
Sticking  to  the  basics,  staying  alert  and  keeping 
antivirus  software  up  to  date  are  key  to  protecting 
not  only  your  desktops,  but  now  servers,  gateways 
and  PDAs  that  are  vulnerable  to  attacks. 

BY  DOUG  BARNEY 
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is  easier  to  manage 


Check  Point’s  integrated  VPN-lv“  and  Fire  Wall-1®  solution  is  not  only  easier  to  manage,  but 
ultimately  more  secure  than  two  separate  solutions.  When  integrated,  the  firewall  and  VPN 
share  the  same  user,  resource  and  policy  information,  to  provide  the  highest  level  of  granular 
access  control  and  security.  With  the  power  of  centralized  management,  integrated  user 
authentication,  consolidated  logging,  and  the  utmost  in  security,  you  get  the  best  of  both 
worlds.  Which  explains  why  we  have  more  VPN  and  firewall  installations  than  anyone 
else.  To  satisfy  your  security  needs  for  today  and  all  your  tomorrows,  download  our  white 
paper,  “Integrated  VPN/Firewalls”  at  www.checkpoint.com/vpn  1  and  ease  your  mind. 


Nasdaq:  CHKP 

€>2000  Check  Point  Software  Technologies  Ltd.  VPN-1 
is  a  trademark  of  Check  Point  Software  Technologies  Ltd. 


Check  Point 


Software  Technologies  Ltd, 


We  Secure  the  Internet. 
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Follow  the 


BY  FRANK  HENDERSON 


Organizations  need  to  guard  against 
security  breaches,  while  considering 
the  impact  on  performance .  See  where 
the  smart  security  money  is  going  in 
the  effort  to  balance  those  needs. 


( Smart) 

Money 


hile  security  breaches  over  the  Internet 
have  garnered  a  lot  of  publicity,  leading 
organizations  are  still  trying  to  ensure  securi¬ 
ty  and  user  access  within  their  enterprises.  Many 
firms  are  concerned  with  lost  productivity  due  to 
extraneous  Web  surfing  or  law  suits  emanating  from 
visiting  improper  sites.  Leading  organizations  recog¬ 
nize  the  connection  between  performance  and  secu¬ 
rity,  and  are  developing  policies  that  minimize  vul¬ 
nerability  but  also  allow  for  good  performance. 

A  study  in  2000  by  International  Data  Corp., 
Framingham,  Mass.,  surveyed  several  Fortune  500 
accounts  and  found  the  following  (table  below): 


FACTORS 

RESULT 

Number  of  hours  per  day  each  employee 
spends  on  personal  business 

I 

Number  of  work  days  per  year 

240 

Average  hourly  rate  including 
overhead  expenses 

$40 

Annual  cost  of  lost 
productivity  per  employee 

$9,600 

Source:  International  Data  Corp.,  2000 

A  cottage  industry  has  formed  around  Web  snoop¬ 
ing  devices.  The  products  comes  in  three  main  cate¬ 
gories: 

1.  Products  that  look  for  files  stored  across  your  net¬ 
work  (for  example,  Napster  downloads  that  bring 
the  network  to  a  halt,  pornographic  material,  etc.). 

2.  Products  that  monitor  Web  usage  by  end  user. 


3.  Products  that  monitor  traffic  on  a  detailed  level. 

The  third  variety  of  products  act  as  network  mon¬ 
itors  as  well  as  security  auditing  tools.  This  brings  to 
light  a  new  issue  that  security  consultants  are  trying 
to  solve:  Flow  do  you  do  intrusion  detection  on 
switched  networks?  Can  your  firewalls  decode  pack¬ 
ets  quickly  enough  to  prevent  becoming  a  bottleneck 
in  your  network? 

SPEED  KILLS  MONITORING  CAPABILITIES 

The  Remote  Monitoring  Protocol  (RMON)  was 
developed  to  look  at  one  physical  LAN  at  a  time.  The 
new  gigabit  switches  have  both  the  speed  and  the 
ability  to  create  virtual  (VLANs)  to  connect  users 
logically  rather  than  physically. 

In  the  simplified  example  in  the  Figure  on  page  6, 
the  Accountants  workgroup  is  divided  between  two 
IP  subnets.  Once  the  initial  routes  between  Subnet 
“A”  and  “B”  are  discovered,  IP  packets  are  switched 
within  the  route-group  and  routed  between  route- 
groups.  The  benefits  of  this  configuration  can  be  seen 
in  lower  round-trip  delay,  but  the  problem  results 
when  you  try  to  monitor  these  high-speed  switches. 

You  have  a  couple  of  choices.  You  can  buy  a  multi- 
port  network  probe  (which  probably  is  not  fast 
enough  to  view  all  the  traffic  on  one  port)  and  try  to 
monitor  as  many  ports  as  possible.  The  better  choice 
is  to  install  the  monitoring  probe  on  the  backplane  of 
the  switch.  The  good  news  is  that  one  switch  vendor 
did  install  a  monitoring  blade  on  the  backplane,  but 


Only  one 


companies 


NASDAQ:  WBSN 


Deploying  Internet  filtering  may  not  be  your  choice.  But  picking  the  software  is.  Why 
not  pick  the  same  one  that  thousands  of  other  IT  professionals  have?  One  that 
already  reduces  temptation  for  over  6.6  million  employees.  Its  network 
impact  is  minimal.  Administration  is  next  to  nothing.  It  scales  to  any  size 
organization.  And  it's  already  integrated  with  leading  Internet 
infrastructure  solutions  like  Cisco,  Check  Point,  Microsoft  and  many  others 
Sure  makes  a  hard  choice  an  easy  one. 


EMPLOYEE  INTERNET  MANAGEMENT 


Cisco  Systems 


a  Check  Point” 

Software  Technologies  Ltd.  -  - — 1  1 
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Need  more  proof,  just  visit 
our  Web  site  and  take  a  test 
drive  at  www.websense.com. 
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Check  Point,  Cisco,  etc.),  but  there  has  also  been 
work  done  on  the  standards  side  of  the  table. 

It  involves  (as  most  standards  today  involve)  the  use 
of  extensible  Markup  Language  (XML).  There  are 
two  competing  XML  standards  that  are  being  trum¬ 
peted.  The  first,  Security  Services  Markup  Language 
(S2ML),  attempts  to  share  authentication  and  author¬ 
ization  information  across  multivendor  platforms. The 
second,  AuthXML,  has  similar  goals  to  S2ML  but  dif¬ 
fers  in  implementation  methodology.  Many  in  the 
industry  are  hoping  that  XML  security  efforts  do  not 
splinter  in  the  same  way  that  Public  Key 
Infrastructure  (PKI)  initiatives  have. 


the  bad  news  is  that  the  blade  does  not  have  a  built- 
in  alarm  or  SNMP  trap  facility  to  notify  security 
administrators  of  important  events. 

Likewise,  it  is  only  now  that  some  of  the  firewall 
vendors  are  developing  firewalls  that  filter  at  wire 
speeds.  Before  these  switches,  security  consultants 
were  forced  to  load  balance  their  firewalls  and  devel¬ 
op  firewall  sandwiches. 

Performance  and  security  are  but  two  ends  of  the 
same  continuum.  Only  recently  have  some  specialty 
consulting  groups  become  aware  that  the  two  param¬ 
eters  must  be  balanced,  or  at  least  acknowledged.  For 
instance,  Secure  Socket  Layer  (SSL)  encryption  can 
radically  slow  the  performance  of  a  high-end  Unix 
processor.  Consultants  are  utilizing  load-balancing 
boxes  to  encrypt/ decrypt  the  information  and  let  the 
Unix  processors  handle  database  and  application 
duties. 

Marshall  Hudes,  business  development  partner  of 
Exault  Internet  Solutions,  New  York  City,  says, 
“Enterprises  need  to  supplement  their  base  architec¬ 
tures  with  access  control,  load  balancing,  high  avail¬ 
ability,  caching,  VPN  and  SSL  acceleration  to  meet 
the  high-performance  needs  of  the  enterprise  cus¬ 
tomer  without  compromising  security  concerns.” 

THE  GREAT  THING  ABOUT  STANDARDS  IS... 

This  is  an  old  joke  from  the  OSI  (Open  System 
Interconnection)  days,  but  it  holds  true  in  the  securi¬ 
ty  arena.  There  are  wonderful  firewalls,  intrusion 
detection  devices,  etc.  The  problem  is  the  classic 
conundrum:  How  do  you  integrate  information  from 
devices  from  different  manufacturers?  There  has  been 
work  done  by  leading  security  vendors  (such  as 


POLITICS  AND  SQUABBLES 

There  are  many  excellent  security  products  that  are 
capturing  data  (and  sometimes,  information). 
Unfortunately,  in  most  cases,  the  information  is  not 
being  piped  into  the  same  event  stream  as  network 
and/ or  systems  management. 

For  example,  false  positives  have  plagued  the  intru¬ 
sion  detection  world.  Alarms  go  off,  but  after  much  ad 
hoc  discovery,  it  turns  out  the  tripwire  was  acciden¬ 
tally  set  off.  The  central  console  and  especially  root- 
cause  analysis  software  could  lead  to  a  much  lower 
occurrence  of  false  positives. 

Security  and  network  and  systems  administrators 
need  to  work  together — not  against  one  another.  The 
classic  example  is  the  network  administrator  losing  a 
domain  because  security  has  installed  a  firewall  and 
forbid  User  Datagram  Protocol  (UDP),  which  SNMP 
requires,  to  be  sent  through  the  firewall. 

On  the  network  and  systems  side,  Security  is  Not 
My  Problem  has  become  a  tired  saying.  The  Internet 
Engineering  Task  Force  (IETF)  has  let  too  many 
political  and  personal  squabbles  hinder  the  creation  of 
a  secure  SNMP  that  could  gain  a  dominant  market 
share.  Instead,  vendors  have  patched  together  solu¬ 
tions,  but  they  lack  the  ability  to  work  in  a  multiven¬ 
dor  environment. 

There’s  no  denying  the  connection  between  per¬ 
formance  and  security.  Without  a  good  security  poli¬ 
cy,  the  best  tools  in  the  world  will  have  little  impact 
on  the  environment. 


Frank  Henderson,  a  solutions  architect  with  Melillo 
Consulting,  Inc.,  Somerset,  N.J.,  has  over  15  years  experience 
in  the  design  of  enterprise  managements  solutions. 
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Virus  Protection  by  Symantec.  f 

Symantec  Virus  Protection  solutions  shield  your  network  at  every  vulnerable  point— firewall,  gateway  file  and  mail  servers,  all  the  way  to  the  desktop— and  they're 

certified  on  more  platforms  than  any  other  software.  Plus,  our  Digital  Immune  System "  automatically  eradicates  new  viruses  before  they  can  spread.  To  find  out  more 

. 

about  Symantec  Enterprise  Security,  visit  www.symantec.com/ses  or  call  800-745-6054  x9AZI.  And  put  a  powerful  security  force  to  work  for  you. 


Symantec  and  the  Symantec  logo  are  U  S.  reg.  trademarks  and  the  Digital  Immune  System  is  a  trademark  of  Symantec  Corporation.  ©2001  Symantec  $orpor3lion.  All  Ri< 
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Sud-  Chemie’s 
defense  starts  with 
a  software  firewall 
and  includes  proper 
configuration  and  a 
Web-based  VPN; 
directory-based 
authentication  and 
a  SAN  are  next. 


“Once  every  few  months  or  so  we  get  an  attack, 
mostly  from  spammers  looking  for  an  e-mail  server 
to  pump  mail  through.  After  an  hour  or  so  they  give 
up  since  our  firewall  does  a  good  job  at  keeping 
them  out,”  Strickland  explains.  “We  have  looked  at 
software  and  hardware  solutions,  but  1  personally  like 
the  flexibility  of  software  firewalls.  Hardware  is  a  bit 
cheaper  for  a  given  performance  level  but  not  as 
flexible  or  feature  rich.” 

Operating  systems  also  make  a  difference.  “Our 
results  indicate  Unix  is  a  much  better  platform  for 
firewall  software  than  NT  in  regard  to  performance 
on  a  given  CPU.  Some  NT  firewalls 
and  proxies  need  serious  horsepow¬ 
er,  when  the  Unix  version  seems  to 
do  very  good  on  a  much  smaller 
processor,”  says  Strickland.  But  even 
the  best  firewall  is  useless  without 
proper  configuration.  “We  block  all 
unnecessary  ports,  including  FTP. 
You  even  have  to  be  careful  of  out¬ 
bound  FTP  since  a  Trojan,  not 
caught  by  your  virus  software,  can 
deposit  an  FTP  tool  on  the  inside 
and  then  you  are  hacked  from  the 
inside  out.” 


Mark  Strickland,  IT  manager  of 
Siid-Chemie  in  Louisville,  Ky. 


Mark  Strickland  knows  a  little  about  self- 

■  defense.  The  IT  manager  of  Siid-Chemie 
I  has  been  practicing  martial  arts  for  seven 
years,  most  recently  studying  Shaolin  Kempo  karate. 
But  as  an  IT  pro  with  over  20  years  experience, 
Strickland  also  knows  a  thing  or  two  about  defend¬ 
ing  a  network. 

Network  defense  these  days  begins  with  the  fire¬ 
wall — an  up-to-date,  properly  configured  firewall. 
Munich-based  Siid-Chemie  AG  is  a  specialized 
chemicals  company,  with  a  U.S.  division  in 
Louisville,  Ky.,  where  Strickland  is  located. 
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Stop  DoS  and 
DDoS  Attacks 

in  Seconds! 


The  Captus  Networks’  CaptIO™  enables  service 
providers  and  net-centric  enterprises  to  immediately 
stop  Denial  of  Service  attacks  that  originate  from 
outside  or  inside  the  network. 


captus 

NETWORKS 


TM 


I 


Only  the  CaptIO  delivers  reliable  security  against  DoS  and  DDoS  attacks.  The  unique  integration 
of  firewall  and  IDS  technologies  enable  the  CaptIO  to  ignore  malicious  traffic  —  without  disrupting 
or  impacting  legitimate  network  traffic.  Gigabit  and  Fast  Ethernet  interfaces  allow  easy  integration 
into  existing  network  topologies.  Plus,  each  interface  can  be  individually  configured  with  unique 
security  rules  —  providing  protection  for  up  to  12  discrete  networks  in  a  single  1 U  chassis.  Easy 
to  install  and  configure,  the  CaptIO  includes  secure  device  management  through  a  CLI  or 
browser,  and  is  backed  24x7  by  our  team  of  skilled  support  engineers.  Stop  attacks  today: 
info@captusnetworks.com,  or  call  1-877-9CAPTUS. 

www.captusnetworks.com/stop 
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I  LOVE  YOU-NOT! 

One  of  the  biggest  security  threats  these  days  is  a 
virus.  These  little  buggers  can  delete  critical  data, 
bring  network  performance  to  its  knees,  and  cost 
thousands  and  thousands  of  dollars  to  clean  up.  Savvy 
network  aces  like  Strickland 
often  equip  their  nets  with 
more  than  one  form  of  pro¬ 
tection.  “We  have  used  two 
brands  of  virus  software  for 
several  years.  The  e-mail  serv¬ 
er  is  protected  with  one  brand 
and  file  servers  and  desktops 
with  another.  This  ‘genetic’ 
diversity  helps  catch  more 
^  viruses.”  Once  the  software  is 
I  in  place,  keeping  it  updated  is 
critical,  says  Strickland.  “If  you 
>  don’t  deploy  current  patterns 
and  updates  you  compromise 

your  ability  to  catch  virus  out- 
d, 

le  breaks.” 

But  after  several  dozen 
machines  were  trashed  by  the  I  Love  You  virus,  Slid— 
Chernie  went  a  step  further,  and  started  to  block  cer¬ 
tain  kinds  of  traffic.  “That  day  we  made  the  decision 
to  block  all  executable  e-mail  attachments.  This 
includes  binary  executables  and  script-type  executa¬ 
bles.  I  recently  read  about  the  possibility  of  a  Trojan 
being  carried  in  a  compiled  help  file  (.CHM)  so  we 
are  now  blocking  those  also,”  Strickland  says. 

For  those  attachments  that  absolutely  must  go 
through,  Sud-Chemie’s  firewall  will  quarantine  the 
file.  Then  IT  can  check  out  the  file  and  pass  it  along 
if  it’s  not  infected. 

PSST !  WHAT’S  THE  PASSWORD? 

Despite  all  the  hoopla  about  fingerprints,  retina  scans 
and  digital  certificates,  passwords  remain  the  most 
popular  way  to  identify  a  user  and  keep  out  intrud¬ 
ers.  Since  most  Siid-Chemie  end  users  have  four  to 
five  passwords,  the  company  has  some  issues  with 
password  aging.  However,  the  company  is  moving 
toward  directory-based  authentication.  Currently  an 
LDAP  server  synchronizes  with  the  NT  Domain 
Server.  Those  on  a  Unix  Mail  server  also  authenticate 
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“We  have  looked  at  softwar 
and  hardware  solutions,  but 
personally  like  the  flexibilit) 
of  software  firewalls.  ” 

—Mark  Stricklan 
IT  manager  of  Sud-Chem 


via  LDAP.  Eventually  the  company’s  legacy  VAX  sys¬ 
tem  will  also  synchronize  with  LDAP,  and  Siid- 
Chemie  will  be  on  its  way  to  having  all  passwords  val¬ 
idated  or  synchronized  from  a  single  source — and 
that  is  when  Strickland  will  begin  aging  all  passwords. 

VIRTUALLY  SECURE 

One  of  IT’s  biggest  nightmares  these  days  is  the  pro¬ 
liferation  of  remote  and  mobile  workers.  How  do 
you  give  these  folks  access  to  your  network  without 
compromising  security?  For  Siid-Chemie,  the 
answer  is  a  virtual  private  network  (VPN). This  capa¬ 
bility  already  comes  built  into  Windows  NT  in  the 
form  of  Remote  Access  Services  (RAS).  For  the  last 
two  years  remote  workers  have  dialed  into  an  800 
number  and  accessed  the  network  via  NT. 
Unfortunately,  the  service  took  off — pushing  dial-up 
charges  through  the  roof.  The  answer?  A  pure  Web- 
based  VPN. 

Here,  Siid-Chemie  saved  a  few  dollars  by  using 
what  it  already  had.  “We  installed  some  software  on 
a  ‘spare’  Unix  box  and  you  can  make  a  Web  connec¬ 
tion  and  tunnel  into  our  network.  The  tunnel  soft¬ 
ware  requires  a  key  file  to  be  generated  for  each  user 
and  machine.  The  key  works  with  the  client  tunnel 
software  to  provide  an  encrypted  secure  connec¬ 
tion,”  Strickland  explains. 

So  far  so  good.  “The  speed  is  excellent,  and  if  you 
use  a  broadband  cable  or  DSL  connection,  it  is 
almost  like  being  on  the  LAN.  Since  the  key  and 
tunnel  software  must  be  installed  on  the  client,  hack¬ 
ing  risks  are  minimized.  Launching  the  tunnel  client 
itself  is  also  password-protected  to  help  reduce  secu¬ 
rity  risks  if  a  laptop  is  stolen  or  lost.” 

Next  up  is  a  new  approach  to  securing  the  com¬ 
pany’s  storage.  Right  now  each  server  has  its  own 
storage,  but  over  time  Siid-Chemie  will  move  to  a 
storage  area  network  (SAN).  Says  Strickland,  “A 
SAN  will  allow  a  much  more  efficient  use  of  disk 
space  and  greatly  simplified  administration.  This  will 
be  a  budget  item  for  a  2002  upgrade.  I  would  advise 
any  IT  shop  to  look  at  the  SAN  of  their  choice  to 
see  how  it  can  fit  in  their  landscape.” 


Technology  writer  Doug  Barney  is  a  former  editor  of 
Network  Wo  rid. 
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The  Internet  Changes  Everything- 

Especially 


Security 

Security  expert  Mich  Kabay  on 
protecting  enterprise  data. 


e  asked  Dr.  M.E.  Kabay,  security  leader, 
INFOSEC  Group,  AtomicTangerine,  Inc., 
to  talk  about  how  to  establish  and  enforce 
appropriate-use  policies  for  Internet  usage  in  the 
enterprise.  Here  are  some  of  his  comments. 

M  I  How  do  Internet  usage  policies  fit  into  a  secu- 
zy.  rity  policy?  Why  does  Internet  usage  affect  the 
enterprise  at  all — isn’t  it  much  like  telephone  usage? 

A  Even  telephone  usage  is  regulated  to  some 
extent  in  most  workplaces.  Although  there  is 
usually  a  limited  expectation  of  privacy  for  personal 
calls  made  with  corporate  phones,  many  organiza¬ 
tions  warn  both  employees  and  callers  that  calls  may 
be  monitored  or  recorded  for  management  and 
training  purposes. 

However,  the  use  of  corporate  systems  for  Internet 
access  raises  more  problems  than  phone  usage. 
Telephone  abuse,  such  as  calling  pay-per-minute 
porn  lines,  usually  gets  caught  by  accountants  in  the 
monthly  billing  cycle;  excessive  personal  calling  can 
be  spotted  by  analysis  of  call-detail  accounting 
reports  showing  repeated  long  calls  to  a  few  num¬ 
bers.  However,  numerous  studies  have  found  that 
Internet  usage  is  a  major  problem  in  terms  of  affect¬ 
ing  productivity,  creating  a  hostile  work  environment 
and  damaging  the  reputation  of  an  enterprise. 

On  the  productivity  side,  surfing  the  Web  at  work 
for  material  unrelated  to  the  job  at  hand  can  waste 


hours  a  day  per  person.  In  addition,  if  several  people 
download  large  files  or  visit  image-heavy  pages  (e.g., 
porn  sites),  the  cumulative  effect  can  significantly 
affect  available  bandwidth  for  other  users  trying  to 
get  their  work  done. 

As  for  a  hostile  work  environment,  employees 
downloading,  printing  or  disseminating  offensive 
materials,  both  pornographic  and  hateful,  has  caused 
emotional  distress  to  the  victims  of  their  inappropri¬ 
ate  behavior.  Organizations  have  fired  dozens  of  staff 
members  at  once,  including  managers,  for  such 
abuse  of  Internet  resources.  Adverse  publicity  that 
damages  credibility  exacerbates  the  problem,  and 
can  even  encourage  lawsuits  by  other  people  who 
have  been  harmed  by  similar  behavior  at  different 
times. 

Finally,  misusing  corporate  resources  to  publish 
irresponsible,  inaccurate,  misleading,  offensive, 
libelous  and  dishonest  statements  by  e-mail,  to  list 
servers  or  on  the  Usenet,  can  be  a  disaster  not  only 
for  the  individuals  concerned,  but  for  everyone  in 
the  enterprise.  All  employees  must  understand  that 
anything  sent  or  published  using  a  corporate  e-mail 
address  is  considered  the  equivalent  of  using  corpo¬ 
rate  letterhead 

|/n  public  lectures  and  articles,  you’ve  encouraged 
management  to  establish  a  “framework”  around 

continued  on  page  16  »»»> 
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Trend  Micro 
InterScan  VirusWall 


Enterprise  virus  protection  begins  at  your 
Internet  gateway. The  protection  of  choice: 
InterScan  VirusWall®  from  Trend  Micro. 


InterScan  VirusWall's  performance  and 
global  support  tower  above  any  other 
gateway  virus  solution.  With  a  54%  market 
share,  InterScan  VirusWall  is  trusted  by  more 
enterprises  than  all  other  gateway  virus 
solutions  combined,  and  is  preferred  more 
than  2  to  1  over  any  competitive  product. 


The  reason?  It's  simple.  InterScan  VirusWall 
provides  the  most  scalable,  easily 
manageable  protection  against  known 
and  unknown  viruses.  It  scans  incoming  and 
outgoing  SMTP,  HTTP,  and  FTP  traffic,  finds 
viruses  in  compressed  c 
encoded  attachments, 
and  even  detects 
potentially  harmful 
ActiveX  and  Java 
code.  With  the  optional 
eManager  plug-in,  it 
works  as  a  complete  content 
security  solution. 
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See  for  yourself  why  InterScan  VirusWall  is  #  I. 
Get  a  free  evaluation  CD — and  a  free  copy  of 
our  white  paper,  "Safe  Computing  Practices"— 
at  www.trendmicro.com/4  (or  call 
1-800-228-5651). 


% 


TREND, 

MICRO 


your  Internet  VirusWall 


©2001  Trend  Micro  Inc.  All  company  and/or  product  names  are  the  property  of  their  respective  trademark  owners. 


The  roads  of  the  Internet  have  already  been  built 


Focus  on  the  people  using  them. 


Welcome  to  the  real  world. 


NOKIA 

Connecting  People 


Extend  the  secure  reach  of  your 
IP  network  to  the  real  world. 


Nokia  security  appliances  enable  personal,  trusted 
connections  over  the  Internet  for  companies  of 
all  sizes.  From  small  offices  to  carrier-class 
implementations,  our  relationships  with  companies 
such  as  Check  Point  Software  Technologies, 

McAfee  and  Internet  Security  Systems™  help  us 
integrate  all  the  capabilities  of  their  software  while 
simplifying  deployment.  Our  patented  IP  Clustering 
technology  takes  the  reliability  and  scalability  of 
VPNs  to  new  levels. 


Each  Nokia  appliance  is  factory-configured  to 
customer  specifications,  rigorously  tested,  delivered 
ready  for  installation,  and  easily  serviced.  Our  First 
Call  -  Final  Resolution  support  provides  a  central 
point  of  contact  for  global  technical  expertise,  from 
hardware  to  third-party  software.  So  you  can  focus 
on  your  customers'  needs  as  well  as  your  network's. 
For  a  broader  perspective,  visit  our  website  at 
www.nokia.com/internet/na  or  call  us  at 
1-800-582-2823 
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which  to  formulate  Internet  policies.  What  do  you 
mean  by  that? 

A  The  use  of  any  technology  is  primarily  a  social 
and  psychological  issue,  not  fundamentally  a 
technical  one.  Human  beings  will  find  ways  around  a 
policy  or  a  technological  fix  with  which  they  dis¬ 
agree.  Defining  and  setting  policy  should  begin  with 
the  selection  of  a  broad  cross-section  of  personnel, 
including  representatives  from  every  sector  of  the 
enterprise.  Where  possible,  the  people  who  make  up 
any  policy  committee  should  be  well  respected  and 
well  liked  in  their  work  units;  ideally,  they  would 
be  experienced  not  only  in  their  current 
position,  but  they  would  also  have 
i,  worked  in  different  sectors  of  the 
organization  during  their 
employment  there. 

Employees  often  view 
security  policies  with  hos¬ 
tility  because  they  perceive 
the  policies  as  impositions 
of  arbitrary  restrictions  by 
anonymous  bureaucrats 
who  have  no  sense  of  the 
disruption  in  operations  and 
productivity  that  onerous 
rules  can  cause.  Formulating 
security  policies  based  on  a 
sound  understanding  of  the  issues  by  everyone  in  the 
enterprise  is  the  only  way  to  protect  corporate  assets 
and  reputation  in  the  long  run. 

The  Information-Protection  Working  Group 
(I  avoid  using  the  word  “security”  in  the  title  because 
of  its  negative  connotations)  needs  to  listen  carefully 
to  its  members’  objections  and  suggestions.  Genuine 
collaboration  not  only  builds  a  consensus  within  the 
Working  Group,  but  also,  more  importantly,  it  creates 
a  legitimate  sense  of  involvement  and  ownership  by 
the  group  members.  Members  of  such  a  group 
become  the  most  valuable  conduits  for  security 
awareness  and  for  practical  improvements  in  policy. 
The  goal  is  to  ensure  that  everyone  understands  that 
protecting  the  enterprise  is  part  of  each  person’s  job. 


Q 


You  favor  monitoring  software  over  blocking 
software.  Why? 


A  Blocking  software  doesn’t  work  well;  all  of  the 
products  have  dreadful  rates  of  false  positives 
(rejection  of  harmless  sites)  and  some  impose  a  reli¬ 
gious  or  political  bias  incompatible  with  serious 
research.  In  contrast,  monitoring  software  at  least 
offers  the  opportunity  for  discussion — and  discussion 
(real  discussion,  not  just  a  one-sided  lecture)  is  the 
essential  component  for  success  in  changing  behavior. 

§  your  experience  as  an  Internet  security  spe- 
2^1  cialist,  what  do  you  think  good  monitoring  soft¬ 
ware  should  do? 

A  Monitoring  software  should  provide  supervi¬ 
sors  with  a  clear  record  of  exactly  what  hap¬ 
pened  on  a  business  computer.  Ideally,  it  would  also 
provide  management  with  reports  on  frequency  of 
access  to  any  specific  site  or  group  of  sites  by  indi¬ 
vidual  users  or  aggregated  groups  of  users. 

§  § Supervision  by  walking  around — how  is  this  a 
.  better  way  for  supervising  Internet  use  than  a 
piece  of  software? 

A  A  program  cannot  teach  values;  a  thoughtful 
human  being  with  sensitivity  can  talk  to  people 
and  explain  the  implications  of  different  kinds  of 
misuse.  A  computer  program  can,  at  worst,  make  an 
employee  even  more  determined  to  overcome  the 
barriers  it  rigidly  imposes  without  explanation. 

M  mlf  you  were  responsible  for  appropriate  use  of 
.  technology  in  any  enterprise,  what  would  keep 
you  up  at  night? 

A  Starting  with  the  worst,  (1)  Child  pornography 
on  a  corporate  computer.  Remember  that 
making,  distributing  and  possessing  child  pornogra¬ 
phy  is  a  felony.  (2)  Threats  from  a  corporate  user 
toward  anyone,  especially  kids.  (3)  Criminal  activi¬ 
ties  originating  from  my  systems;  e.g.,  Web  deface¬ 
ment,  other  penetration,  denial  of  service,  unsolicit¬ 
ed  commercial  e-mail  (“spam”),  malicious  e-mail 
forgery  or  counterfeiting  official  documents  or 
money.  (4)  Use  of  corporate  systems  for  fraud;  e.g., 
pump-and-dump  stock  manipulation.  (5)  Abusive, 
racist,  sexist,  hateful  or  any  other  unprofessional 
communications  from  my  systems  that  would  bring 
disrepute  on  the  enterprise. 


INTELLIGENT  ALERT.  INSTANT  RESPONSE. 

Managing  network  security  is  a  full-time  job.  Firewalls 
are  a  good  start,  but  it  takes  more  than  just  hardware 
and  software  to  get  the  job  done.  Real  security  means 
spotting  attacks  and  responding  to  them  the  instant 
they  occur.  That’s  what  it  takes  to  make  sure  an  attack 
doesn’t  compromise  your  business,  shut  your  network 
down,  and  send  your  stock  plummeting. 


Counterpane  detects  internal  and  external  threats 
to  your  business  by  manning  operations  centers 
with  the  world’s  foremost  network  security  experts - 
experts  who  know  the  latest  risks  and  monitor  your 
network  for  any  irregular  activity  24/7/365. 

We  watch.  We  respond.  We  are  your  best  defense. 
And  we  never  rest. 


When  you  register  for  our 
web  seminar,  “How  Safe  Is 
Your  Network  From  Hackers?” 
at  www.counterpane.com, 
you’ll  receive  a  free  copy  of 
Secrets  e[  Lies,  a  new  book 
from  Bruce  Schneier, 
co-founder  of  Counterpane. 

Or  call  us  at  (866)  212-5432. 
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Security 


BY  LENNY  LIEBMANN 


Reducing  your  company’s  risk  exposure  requires 
much  more  than  just  a  fi  rewall  and  a  prayer. 


intrusion  detection 
systems,  antivirus 
Economy  raises  the 
stakes  of  IT  security,  the  technologies  for  safeguard¬ 
ing  corporate  data  assets  are  getting  more  powerful 
and  sophisticated. 

But  expert  observers  and  seasoned  security  man¬ 
agers  caution  IT  pros  not  to  be  seduced  by  cool  tools 
and  nifty  features. Yes,  todays  security  products  have 
a  lot  to  offer.  Those  products,  however,  won’t  do  you 
much  good  if  you  don’t  have  a  full  understanding  of 
what  it  takes  to  really  minimize  the  risks  posed  by 
internal  and  external  threats. 

Some  of  the  main  principles  these  security  gurus 
preach  are: 

1.  SECURITY  IS  A  PROCESS,  NOT  A  PRODUCT 

Rigorous  procedures  are  essential  for  maintaining 
security  over  time.  Antivirus  software  is  great,  but 
you  must  keep  it  updated.  “The  number  one  mistake 
people  make  is  not  staying  on  top  of  vulnerabilities,” 
declares  Mike  Shanley,  Rochester  N.Y.  Shanley  has 
held  several  IT  executive  positions  (most  recently  at 
Eyeweb.com)  since  leaving  the  National  Security 
Administration  where  he  worked  as  a  computer 
security  specialist.  He  says  that  the  Web  makes  it 
pretty  easy  to  keep  current  with  the  latest  security 


bug  notifications  and  fixes.  Unfortunately,  most 
organizations  neglect  this  important  work. 

2.  BE  YOUR  OWN  WORST  ENEMY 

Shanley  is  also  a  big  advocate  of  active  scanning — the 
continual  testing  of  security  by  managed  attacks. 
“Even  people  who  find  out  about  and  install  the  lat¬ 
est  security  patches  make  the  mistake  of  then  not 
testing  them,”  he  notes.  “As  a  result,  they  never  find 
out  whether  they  actually  installed  it  correctly  or 
not."  Shanley  and  others  therefore  advocate  the  use 
of  self-hacking  tools  to  verify  that  known  holes  have 
been  properly  plugged. 


What  Would  You  Change  About  Your 
Security  Infrastructure  to  Make  it 


Authentication  More  Technology/  Trusted  Trusted  More 

of  users  accurate  product  Web  server  operating  automation 
monitoring  integration  system 


Firewalls , 

software.  As  the  Information 


Source:  NetworkWorld  survey  of  network  IS  managers 
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The  Threat  from  the  Net 


While  many  organizations  trust  their  best  systems 
administrators  or  network  engineers  with  critical 
security  tasks,  those  in-the-know  say  that’s  not  a  great 
idea.  Wilmington,  Del. -based  Stephen  Worden,  who 
like  Shanley  has  held  a  variety  of  corporate  and  dot¬ 
com  executive  positions,  gives  two  reasons  not  to  put 
security  management  in  the  hands  of  core  IT  staff. 
For  one  thing,  Worden  says,  a  staff  technician  who  has 
helped  build  the  infrastructure  being  assessed  won’t 
be  quite  as  motivated  to  find  problems  as  those  who 
haven’t.  “You’re  really  asking  them  to  make  them¬ 
selves  look  bad,”  he  observes.  “That’s  not  a  great  idea.” 

Second,  there’s  the  matter  of  expertise — not  just  in 
technology,  but  in  the  nature  of  vulnerabilities  and 
how  hackers  exploit  them.  “If  someone  didn’t  know 
enough  to  protect  a  system  against  a  threat,  they’re 
probably  not  going  to  be  able  to  find  it,  either,” 
Worden  declares. 

That’s  why  Worden  and  Shanley  both  recommend 
a  dedicated  security  officer  for  those  organizations 
that  can  afford  it,  and/or  the  use  of  outside  security 
specialists.  “Today,  infosec  is  too  complex  and  too 
crucial  to  be  someone’s  part-time  job,”  says  Shanley. 

4.  POLICY  IS  THE  BEST,  HONESTLY 

Security  also  doesn’t  just  depend  on  top-tier  techni¬ 
cal  staff.  Ultimately,  effective  security  depends  on  the 
behaviors  of  every  person  who  has  access  to  a  PC. 
That’s  why  truly  security-conscious  companies  take 
the  time  and  effort  to  put  their  security  policies  in 
writing  and  present  them  to  every  employee.  “If  you 
have  people  who  don’t  know  that  they  shouldn’t 
open  an  e-mail  attachment  that  ends  in  .vbs,  you’re 
going  to  have  a  tough  time  protecting  yourself  from 
e-mail  threats,”  explains  Worden.  “Taking  a  few  min¬ 
utes  during  employee  orientation  to  review  basic 
security  principles  can  really  pay  off  in  the  long  run.” 

5.  WHERE  THE  RISKS  ARE 

The  well-publicized  problems  at  major  e-business 
sites  don’t  represent  the  majority  of  real-world  inci¬ 
dents.  Most  security  problems  remain  internal,  rather 
than  external,  in  origin.  And  most  of  those  are  acci- 
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dental  rather  than  malicious.  “Authorized  users 
delete  important  files  and  take  critical  resources 
offline  way  more  often  than  outsiders  ever  will,”  says 
Worden.  In  fact,  according  to  the  International 
Computer  Security  Association’s  (ICSA)  2000  sur¬ 
vey,  only  17%  of  insider  security  breaches  were  clear¬ 
ly  deliberate.  That  makes  it  obvious  that  users  have  to 
be  protected  from  themselves,  as  much  as  or  more 
than  they  need  to  be  protected  from  intruders. 

Understanding  which  risks  are  real  and  which 
ones  are  only  perceived  is  critical.  For  example,  many 
IT  departments  encrypt  e-mail  to  protect  corporate 
communications  as  they  travel  “in  the  clear”  over  the 
Internet.  Yet,  according  to  Dr.  Peter  Tippett,  chief 
technologist  at  TruSecure  Corp.  (the  for-profit  cor¬ 
poration  birthed  by  the  ICSA),  Reston.Va.,  e-mails 
are  never  intercepted  in  transit.  “Plenty  of  informa¬ 
tion,  on  the  other  hand,  has  been  stolen  from  hard 
drives,”  he  points  out.  “But  how  many  IT  groups 
routinely  encrypt  their  hard  drives?” 

It’s  also  important  to  quantify  the  potential  finan¬ 
cial  consequences  of  any  exposure.  After  all,  tempo¬ 
rary  loss  of  mail  services  might  get  a  lot  of  people 
very  aggravated,  but  the  real  cost  in  terms  of  pro¬ 
ductivity  might  only  be  in  the  low  five  figures. 
Failure  to  protect  customers’  confidential  data,  on  the 
other  hand,  could  expose  your  company  to  several 
million  dollars  in  lawsuits  and  fines.  Such  risk  quan¬ 
tification  can  help  determine  priorities  when  limita¬ 
tions  of  time  and  budget  make  it  impossible  to 
address  every  known  security  issue  in  existence. 

6.  NO  ISLANDS 

Finally,  there  is  general  consensus  about  one  of  the 
biggest  issues  facing  corporate  security  managers 
today:  In  the  interconnected  world  of  e-business,  the 
security  of  your  own  environment  is  largely  contin¬ 
gent  upon  the  security  of  your  trading  partners’  envi¬ 
ronments.  IT  security  managers  therefore  need  to 
work  closely  with  their  counterparts  at  other  com¬ 
panies  to  reduce  exposures.  “You  can’t  just  ‘batten 
down  the  hatches’  anymore,”  says  Tippett.  “Now  it’s 
more  about  working  together  to  maximize  security 
without  compromising  the  ease-of-access  that’s  so 
fundamental  to  the  New  Economy.” 


Lenny  Liebmann  is  a  freelance  writer  in  Highlands,  N.J. 
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CaptIO™ 

Captus  Networks 

(877)  9CAPTUS 

www.captusnetworks.com 

The  Captus  Networks'  CaptIO™ 
enables  service  providers  and  net-centric  enterprises  to 
immediately  stop  Denial  of  Service  (DoS)  and  Distributed 
DoS  (DDoS)  attacks  that  originate  from  outside  or  inside 
the  network.  The  unique  integration  of  firewall  and  IDS 
technologies  enable  the  CaptIO  to  ignore  malicious  traffic  - 
without  disrupting  or  impacting  legitimate  traffic.  Gigabit 
and  Fast  Ethernet  interfaces  -  individually  configurable  with 
unique  rules  -  allow  easy  integration  into  existing  network 
topologies  with  secure  CLI  and  browser  device  management. 


Checkpoint  Check  Point  Software 

Software  Tkchnologi  es  Ltd.  _ 

Technologies 

(650)  628-2000 

www.checkpoint.com 

Check  Point  Software  Technologies' 
Secure  Virtual  Network  (SVN)  archi¬ 
tecture  provides  security  for  the 
Internet  Economy.  The  VPN-1  family 
of  products  meets  the  demanding  requirements  of  enter¬ 
prise  virtual  private  networks  (VPNs)  by  providing  secure 
Internet-based  connectivity  to  corporate  networks,  remote 
and  mobile  users,  satellite  offices,  and  partner  sites.  Based 
on  Check  Point's  market-leading  FireWall-1  security  suite 
and  powerful  VPN  technology,  VPN-1  solutions  integrate 
advanced  virtual  private  networking  as  a  core  component 
of  an  overall  security  policy. 


We  Secure  the  Internet. 


NOKIA 

Connecting  People 


Nokia  Internet 
Communications 

(877)  997-9199 

www.nokia.com/internet/na 

Nokia  Internet  Communications 
provides  world-class  Network  Security  and  Virtual  Private 
Network  solutions  for  corporate  enterprise  and  managed 
service  provider  networks.  Our  reliable,  manageable  appli¬ 
ances  deliver  on  our  commitment  to  end  users  —  personal, 
trusted  transactions  that  connect,  each  and  every  time.  For 
more  information,  please  visit  www.nokia.com  and  click 
Secure  Network  Solutions. 
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Counterpane" 

Internet  Security 
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Counterpane  Internet 
Security,  Inc. 

(866)  212-5432 

www.counterpane.com 

Counterpane  Internet  Security, 
Inc.  provides  Managed  Security 
Monitoring  for  enterprises  that 
conduct  e-business  —  an  "alarm  service  for  the  Internet." 
Counterpane  vigilantly  monitors  its  customers'  complex 
security  networks  on  a  24x7  basis,  identifying  intruders 
and  minimizing  the  exposure  an  enterprise  suffers  from 
such  attacks.  The  Company's  innovative  solution  is  cen¬ 
tered  around  a  global  network  of  Secure  Operations 
Centers,  staffed  by  teams  of  expert  security  analysts  and 
backed  by  the  most  current  intelligence  resources. 


Genidocs 

Omtool,  Ltd. 

(800)  886-7845 

www.omtool.com 

Omtool  designs,  develops,  markets 
and  supports  open,  client/server 
software  solutions  that  enable  secure,  business-to-business 
electronic  document  exchange.  The  company's  fax  server 
products  are  installed  worldwide  in  banking,  legal,  finance, 
manufacturing  and  retail  businesses.  Omtool's  new  e-mail 
based  application  -  Genidocs,  offers  secure,  confirmed, 
digitally  signed  e-mail,  delivering  a  fast,  convenient,  elec¬ 
tronic  solution  to  exchanging  business  documents  with 
confidentiality. 


omtool 
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Firewalls,  a  good  deterrent  against  hackers,  can 
be  implemented  as  software,  hardware  or  a 
combination  hardware-software  appliance. 


the  FBI  reported  $265  mil- 
^  lion  in  verifiable  losses  due 
to  computer  security  breaches,  more  than  double  the 
previous  year.  Between  more  businesses  connecting 
to  the  Internet  and  the  proliferation  of  powerful, 
easy-to-use  hacking  tools,  the  losses  are  bound  to  go 
up.  Gartner  Group,  Stamford,  Conn.,  expects  by 
2003  that  50  percent  of  small  and  midsize  enterpris¬ 
es  using  the  Internet  for  more  than  e-mail  will  expe¬ 
rience  a  successful  Internet  attack,  such  as  Web  site 
hacking  and  the  spreading  of  viruses.  Yet  many  man¬ 
agers,  particularly  at  small  and  midsize  businesses,  still 
resist  implementing  even  the  most  basic  of  security 
measures,  namely  a  firewall. 

The  firewall,  a  set  of  programs  that  protect  an 
organization’s  network,  systems  and  data  resources 
from  users  outside  the  network,  represents  the  front 
line  of  defense  against  hackers.  Working  in  conjunc¬ 
tion  with  the  router,  the  firewall,  which  can  be 
implemented  as  software,  hardware  or  a  combination 
hardware-software  appliance,  examines  each  network 
packet  to  determine  whether  to  forward  it  toward  its 
destination  or  block  it.  Sophisticated  firewalls  com¬ 
bine  a  variety  of  filtering  and  security  capabilities, 
antivirus  protection,  intrusion  detection,  content 
policy  management  and  virtual  private  network 
(VPN)  capabilities.  Basic  firewalls  simply  restrict 
access  to  and  from  the  corporate  network. 

“I  advise  every  client  connecting  to  the  Internet 


to  get  a  firewall,”  says  Greg  Botto,  CEO,  Global 
Network  Services,  a  network  consulting  firm  based 
in  Redwood  City,  Calif.  But  not  all  of  his  clients  take 
his  advice. 

“The  saturation  rate  for  firewalls  is  really  pretty 
low,”  reports  Chris  Christiansen,  analyst, 
International  Data  Corp.  (IDC),  Framingham,  Mass. 
Large  companies  do  best,  achieving  a  50  percent  fire¬ 
wall  saturation  rate  in  2000,  followed  by  midsize 
organizations  at  41  percent.  But  among  small  busi¬ 
nesses,  firewall  saturation  amounts  to  a  mere  14  per¬ 
cent.  The  low  saturation  level  presents  an  opportuni¬ 
ty  for  both  firewall  vendors  and  hackers  as  they  race 
to  see  who  gets  to  the  organization  first. 

Firewall  vendors  have  responded  with  an  array  of 
products,  to  suit  every  organization  and  budget. 
Solutions  include  firewall  appliances,  multifunction 
firewalls,  proxy  servers,  personal  firewalls  and  even 
firewall  capabilities  offered  as  a  fee-based  network 
service. 

At  the  high  end,  vendors  are  introducing  extreme¬ 
ly  scalable  gigabit  firewalls  designed  for  large  enter¬ 
prises  that  must  handle  massive  volumes  of  traffic, 
notes  Christiansen.  Also  at  the  high  end  are  the  mul¬ 
tifunction  firewall  and  router  combinations,  some¬ 
times  referred  to  as  a  God  box,  which  can  monitor 
and  control  traffic  to  and  from  the  network  in  a  vari¬ 
ety  of  ways. 

At  this  level,  firewalls  can  become  the  foundation 
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InterScan  VirusWall 

Trend  Micro,  inc. 

(800)228-5651 

www.trendmicro.com 

Every  FireWall  Needs  A  VirusWall! 
With  a  54%  market  share, 
InterScan  VirusWall  is  the  smart 
choice  for  enterprise  virus  protec¬ 
tion.  The  Internet  Gateway  is  the  most  vulnerable  point  for 
computer  viruses  and  other  malicious  code  to  enter  your 
enterprise.  And  for  protection  at  this  critical  point, 

InterScan  is  chosen  more  than  2  to  1  over  any  competitive 
product.  See  for  yourself  why  InterScan  VirusWall  is  the  #1 
protection  at  your  #1  point  of  vulnerability. 


TREND, 

M  I  C  R  O 

your  Internet.  VirusWall 


Recourse 
Technologies 

(877)  786-9633 

www.recourse.com 
Trap  and  Track  Hackers.  Recourse  Technologies  is  the  lead¬ 
ing  provider  of  Threat  Management  Solutions  that  are 
redefining  network  security.  Now,  organizations  can  contain, 
control  and  respond  to  malicious  computer  attacks  enabling 
secure  and  uninterrupted  business  operations.  For  the  first 
time,  businesses  gain  valuable  time  and  information  that 
are  critical  for  fast  and  effective  attack  detection,  analysis 
and  response.  Visit  us  on  the  web  at  www.recourse.com. 


Recourse 


Technologies,  Inc 


Sniffer  Wireless 

Sniffer  SnifferTechnologies 

^^TECHNOLOGIES  (800)  SNIFFER 

www.sniffer.com 

Sniffer  Technologies  is  meeting  the  growing  demands  of  cus¬ 
tomers  who  want  high-quality,  long-term  management,  moni¬ 
toring  and  analysis  capabilities  through  the  industry's  first  wire¬ 
less  LAN  protocol  analyzer  -  Sniffer  Wireless.  Customers  world¬ 
wide  ultimately  win  higher  security  and  maximized  performance 
within  their  802.11  b-based  wireless  LAN  infrastructures. 


SPECTRUM 

APRISITIA  Security  Manager 

’  MANAGE  WHAT  MATTERS  ApTISHld 

(877)  468-1448 

www.aprisma.com 

Aprisma's  SPECTRUM  Security  Manager  is  a  network  scal¬ 
able  security  management  system  for  firewalls,  routers,  intru¬ 
sion  detection  systems,  anti-virus,  and  other  security  systems. 
The  built-in  artificial  intelligence  allows  organizations  to  react 
as  a  single  entity  rather  than  as  a  group  of  loosely  connected 
applications  and  processes.  SPECTRUM  Security  Manager 
receives  and  correlates  events  and  logs  from  all  the  firewalls, 
intrusion  detection  systems,  routers,  and  other  devices  to  give 
a  single  view  of  security  in  the  network. 


_ ^  Websense 

Websense  (800)723-1166 

www.websense.com 

Websense  (NASDAQ:WBSN)  is  the  leading  provider  of  employ¬ 
ee  Internet  management  (EIM)  solutions.  Websense  Enterprise 
Internet  filtering  software  enables  businesses  to  monitor,  report 
and  manage  how  their  employees  use  the  Internet,  helping  to 
improve  employee  productivity,  conserve  network  bandwidth 
and  mitigate  potential  legal  liability.  It’s  easy  to  install  and  main¬ 
tain  and,  it's  integrated  with  leading  Internet  infrastructure  prod¬ 
ucts  including  Cisco,  Check  Point,  Microsoft  and  many  others. 
Websense  currently  serves  more  than  12,000  organizations 
worldwide,  including  239  of  the  Fortune  500.  For  more  informa¬ 
tion  and  a  free  30-day  trial,  visit  www.websense.com. 


,  Enterprise  Security 

^Symantec.  Symantec 

(800)  745-6054  x9NK5  . 

http://enterprisesecurity.symantec.com/ses2 

Enterprise  Security  by  Symantec.  Networks  Secured. 
Viruses  eliminated.  Threats  neutralized.  Vulnerabilities 
detected.  Attackers  thwarted.  Reputations  saved.  Peace  of 
mind  restored.  With  Symantec  Enterprise  Security,  busi¬ 
ness  of  all  sizes  can  have  a  comprehensive,  enterprise¬ 
wide  security  force  working  just  for  them. 


Source:  International  Data  Corp. _  Source:  International  Data  Coro. 
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Windows,  Linux  Clamor 
for  Protection 


for  deployment  of  a  broad  variety 
of  security  products,  including 
VPN,  bandwidth  management,  vul¬ 
nerability  assessment,  intrusion 
detection  and  URL  filtering  and 
blocking. 

The  challenge  with  the  multi¬ 
function  firewalls,  however,  is  com¬ 
plexity.  These  devices  require  highly 
skilled  technicians  and  continuous 
maintenance  and  tuning.  They  also 
raise  concerns  about  compatibility 
with  the  existing  corporate  IT 
infrastructure,  and  about  perform¬ 
ance  and  throughput  now  that  the 
firewall  must  handle  a  wide  range  of 
tasks. 


Firewall  software  spending  by 
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APPLIANCE  APPEAL 

At  the  low  end  and  middle  of  the 
market,  firewall  appliances  have 
become  popular.  IDC  describes 
firewall  appliances  as  a  combination 
of  hardware,  software,  a  hardened 
operating  system  and  networking 
technologies.  Firewall  appliances 
have  grown  from  29  percent  share 
of  the  market  in  1998  to  about  40 
percent  in  2000.  By  2003,  firewall 
appliances  will  make  up  nearly  half 
the  market,  when  they  will  rival 
software-based  firewalls,  which  cur¬ 
rently  command  about  60  percent 
of  the  market,  the  largest  share. 

The  appeal  of  firewall  appliances 
is  simplicity  of  operation.  They  are 
designed  for  use  by  organizations 
that  lack  extensive  security  skills.  As 
long  as  the  business  isn’t  changing  very  much,  the 
firewall  appliance  can  be  set  up  once  and  forgotten. 
At  the  low  end  of  the  market,  firewall  appliances  cost 
as  little  as  $500,  a  price  Christiansen  expects  to  drop 
to  as  low  as  $100. 

The  next  big  thing  in  firewalls — firewall  servic¬ 
es — dispenses  with  the  firewall  at  the  user’s  site  alto¬ 
gether.  Instead,  organizations  can  employ  hosted  fire¬ 


wall  capabilities  over  the  Internet.  The  appeal  of  a 
hosted  firewall  service  is  having  someone  else  handle 
all  the  upgrades. 

Some  Internet  Service  Providers  (ISPs)  have  been 
offering  firewall  capabilities  as  a  managed  service  for 
several  years,  reports  network  consultant  Chuck 
Chopp,  RTFM  Consulting  Services,  Greer,  S.C.  For 
organizations  that  need  to  make  frequent  changes, 
firewall  services  will  be  problematic,  he  explains.  On 
the  other  hand,  if  the  organization  doesn’t  have  the 
skill  with  networks  and  IP  necessary  to  configure  and 
maintain  a  firewall,  a  firewall  service  will  be  attractive. 

Outside  the  corporate  environment,  there  has 
been  considerable  interest  in  personal  firewalls,  as 
cable  modems  and  DSL  connections  leave  users  con¬ 
tinually  connected  to  the  Internet.  IDC  expects  this 
interest  to  wane,  however,  as  firewall  functionality 
increasingly  is  embedded  into  the  users’  Internet 
devices  or  the  network  itself. 

Corporate  network  managers  often  prefer  firewall 
functionality  built  into  routers.  “You  get  better  per¬ 
formance  when  the  firewall  is  part  of  the  router,”  says 
Chip  DiComo,  network  management,  Hellmann 
Worldwide  Logistics  Inc.,  Miami.  His  only  complaint 
with  the  company’s  router  vendor  revolves  around  its 
refusal  or  inability  to  provide  firewall  features  that 
take  advantage  of  Hellmann’s  corporate  NDS  direc¬ 
tory.  “We’d  like  to  do  some  identity-based  manage¬ 
ment  where  the  firewall  queries  NDS,”  he  notes. 

In  the  face  of  a  clearly  increasing  Internet  securi¬ 
ty  threat,  Gartner  Group  recommends  installing  at 
the  least  a  firewall  appliance  that  provides  a  base  level 
of  security  without  requiring  detailed  security 
knowledge.  Or  companies  should  request  quotes  for 
managed  firewall  and  intrusion  detection  services 
from  ISPs.  Those  types  of  services,  according  to 
Gartner  Group,  typically  cost  less  than  the  equivalent 
salary  of  a  half-time  firewall  administrator. 

Firewalls  at  best  are  a  deterrent,  not  guaranteed 
protection,  notes  Botto  of  Global  Network  Services. 
Still,  with  the  availability  of  low-cost  firewall  appli¬ 
ances  and  firewall  services  that  require  no  security 
skills  on  their  part,  managers  have  no  excuse  not  to 
put  this  deterrent  in  place. 


Alan  Raddittg  is  a  freelance  writer  in  Newton,  Mass. 
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Beating  Back  New  Age 


VIRUSES, 
biological 
are  getting 
nastier  all  the  time.  The 
unfortunate  result — any 
strategy  that  worked  a 
few  years  ago  is  about  as 
solid  as  a  slice  of  Swiss 
cheese. 

Today’s  IT  pros  are 
facing  sneakier  viruses 
than  ever,  and  virus 
authors  are  developing 
new  techniques  all  the 
time,  as  well  as  breeds 
that  attack  the  latest 
devices  such  as  PDAs  and 
even  cell  phones. 

Organizations  now 
face  stealth  viruses  that 
hide  their  routines  in 
memory,  as  well  as  virus¬ 
es  that  morph,  are  self¬ 
encrypting  and  can  ride  on  top  of  new  technologies 
such  asVBScripts,  macros,  ActiveX  and  Java. 

These  viruses  not  only  disable  systems,  slow  net¬ 


work  performance  and 
damage  data,  but  they 
also  cost  money — a  lot 
of  money — to  clean 
up.  Cleaning  up  a  sin¬ 
gle  outbreak  can  cost 
enterprises  tens  of 
thousands  of  dollars. 
Adding  insult  to  injury, 
networks  are  now  larg¬ 
er  than  ever,  and  the 
old  closed  nets  are  now 
open  to  customers, 
business  partners,  and 
remote  and  mobile 
workers.  Fortunately, 
antivirus  software  ven¬ 
dors  have  been  hard  at 
work,  tracking  over 
50,000  viruses,  devis¬ 
ing  antidotes,  support¬ 
ing  new  platforms  such 
as  firewalls,  servers,  and 
dedicated  devices,  and  protecting  smaller  and  small¬ 
er  machines. 

And  it  is  not  just  the  new  viruses  that  threaten  our 


Sticking  to  the  basics,  staying 
alert  and  keeping  antivirus 
software  up  to  date  are  key. 
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Secure 

Digitaily- 

signed 


Feeling  secure 
about  your 
confidential 
e-mail? 

|  Ever  wonder  whether  important 
documents  you  e-mailed  to 
clients,  customers  and  business 
partners  got  to  their  intended 
recipients?  Or  were  they  lost  or 
intercepted  along  the  way? 

Who  knows?  YOU  DO  with 
Omtool's  Genidocs.This  con¬ 
firmed  messaging  application 
delivers  and  encrypts  your 
message  and  attachments, 
with  delivery  notification, 
allowing  you  to  send  valuable 
documents  with  confidence, 
using  the  ease  and  speed  of 
the  Internet 

Security  systems  are  expensive, 
time  consuming  and  complicated. 
|  What  will  handle  your  security 
needs  today? 

Genidocs  -  it's  secure,  offers 
digital  signature  capability  and 
uses  the  e-mail  system  already  in 
place,  providing  an  easy-to-use, 
easy-to-deploy,  reasonably  priced 
confidential  e-mail  solution. 

Try  our  interactive  demo: 

www.omtool.com/mailgenidocs 

For  more  information: 

1.800.886.7845 
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networks.  Despite  a  wide  array  of  tools,  old  viruses  con¬ 
tinue  to  haunt  IT  organizations  simply  because  antivirus 
applications  are  not  up  to  date,  and  available  patches  for 
key  applications  are  not  installed. 


START  WITH  BASICS 

So  what’s  an  IT  professional  to  do?  First,  little  things  are 
sometimes  your  best  defense,  so  start  with  the  basics.  For 
instance,  many  boot  sector  viruses  can  be  avoided  by 
changing  PC  boot  sequences  to  C:  then  A. 

Second,  the  most  effective  defense  is  software.  Place 
antivirus  software  at  all  points  of  vulnerability — PCs,  lap¬ 
tops,  PDAs,  mobile  devices,  servers,  firewalls  and  perhaps 
most  important,  gateways,  particularly  Internet  and 
e-mail  gateways.  And  make  sure  ALL  of  this  software  is  as 
fresh  as  possible.  Don’t  depend  on  manual  updates.  Instead 
seek  out  automated  solutions.  One  such  technique  regu¬ 
larly  scans  for  viruses,  and  e-mails  these  newly  discovered 
viruses  to  software  vendors,  who  whip  up  a  fix  and  trans¬ 
mit  it  back.  Another  approach  has  the  software  regularly 
dial  into  the  vendor’s  server  for  updates. 

Finally,  viruses  generally  target  applications,  so  keep 
these  as  updated  as  possible.  For  instance,  Word  97  does 
not  support  digitally  signed  macros.  But  with  Office 
2000,  Word  macros,  in  fact  any  VBA  macro,  can  be  digi¬ 
tally  signed,  and  only  those  from  a  trusted  source  can  be 
downloaded.  This,  of  course,  requires  that  security  settings 
be  set  on  high,  something  you  should  look  at  carefully  if 
avoiding  macro  viruses  is  a  priority.  Locking  down  such 
security  settings  is  also  a  good  idea. 


THE  PDA  THREAT 

The  vulnerability  of  PDAs  became  apparent  late  last  year 
when  three  Palm  viruses  appeared.  Vapor,  a  Trojan  horse, 
wipes  out  application  icons;  Liberty  Crack,  another 
Trojan  horse,  destroys  programs;  and  the  Palm  OS/Phage 
virus  crashes  applications  and  turns  screens  gray.  PDA 
viruses  can  be  spread  through  the  Internet,  via  the 
infrared  ports,  through  PC  synchronization  and  by  wire¬ 
less  connections. 

Virtually  every  major  antivirus  vendor  now  has  PDA 
protection.  Some  of  this  software  runs  on  the  PC  and  pre¬ 
vents  the  spread  of  viruses  during  synchronization.  Some 
runs  on  the  PDA  itself.  And  some  runs  on  Wireless 
Application  Protocol  (WAP)  gateways  that  feed  data  and 
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applications  to  wirelessly  connected  PDAs. 

Users  should  be  trained  to  treat  WAP 
devices,  such  as  data-ready  mobile  phones, 
just  like  PCs.  That  means  don’t  download 
any  unknown  executable  code. 

And  finally,  here  are  a  few  more  words  of 
virus  wisdom: 

■  Keep  informed  (regularly  check  vendor 
sites  as  well  as  independent  sites  such  as 
Cert.org). 

■  Stay  calm  (many  virus  warnings  are 
hoaxes) . 

■  Utilize  multiple  forms  of  protection. 

■  Protect  all  important  computing  devices, 
no  matter  how  small. 

■  Maintain  high  security  settings  on  browsers  and 
e-mail. 


Educate  your 
users.  Tell  them 
to  never,  ever  open 
an  e-mail 
attachment  they 
weren’t  expecting, 
and  to  exercise 
caution  when 
downloading  files 
from  the  Internet. 


Report 

antivirus 


■  Educate  your  users. Tell  them  to  never, 
ever  open  an  e-mail  attachment  they 
weren’t  expecting,  and  to  exercise  cau¬ 
tion  when  downloading  files  from  the 
Internet  (viruses  are  often  attached  to 
Usenet  postings).  And  always  maintain 
a  backup  of  crucial  files  and  applica¬ 
tions. 

■  Delete  junk  e-mail  and  chain  e-mails. 

■  Make  authentication  technologies  as 
widespread  as  possible,  so  that  content 
cannot  be  altered. 

■  Limit  and  control  the  use  of  mobile 
code  such  as  Java,  JavaScript  and  espe¬ 
cially  ActiveX. 

all  viruses  to  the  proper  authorities  and 
vendors.  ♦ 


We're  in  the  midst  of  an  e-business  revolution! 

The  Internet  and  our  new  global  culture  of  information 
exchange  poses  a  greater  threat  to  you  than  ever 
before  of  fraud,  email  eavesdropping  and  data  theft 
from  folks  like  Buffy. 

Kyberpass'  award-winning  e-security  TrustPlatforms 
are  used  by  Fortune  1000  companies  and  governments 
for  rapid  creation  of  trusted  B2B  exchanges,  HIPAA 
compliancy,  Identrus  transactions  and  PKI-enabling  of 
legacy  applications  without  software  toolkits. 

Visit  us  on  the  web  at  kyberpass.com  or  call 
800.845.1 140  to  learn  how  we're  making  the  Internet 
a  safe  place  for  e-business. 
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Not  only  does 
Sniffer  Wireless  increase 
security,  reduce  operating  costs 
and  uncork  bottlenecks  like  the  old  Sniffer, 
it  does  it  without  wires.  Find  out  about 
our  wireless  management  software  at 
www.sniffer.cotn/ad/wirelessnw.asp 
or  1-800-707-1274,  dept.  6275.  And  be 
sure  to  ask  for  our  free 
pack.  No  strings  (or  ' 
attached. 
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Enterasys  Networks  this  week 
will  announce  high-density  fiber¬ 
optic  modules  for  its  Matrix  E6 
and  Matrix  E7  wiring  closet 
switches.  The  two  new  modules 
contain  24  and  48  100BaseFX 
ports  for  connecting  servers  or 
workstations  over  long  distances 
with  fiber-optic  cables.  Both  mod¬ 
ules  can  switch  packets  at  Layers 
2  through  4  and  support  standard 
Ethernet  virtual  LAN  and  quality- 
of-service  packet  tagging. 

The  Fast  Ethernet  modules  are 
available  now,  priced  at  $27,000 
for  the  48-port  module  and 
$19,500  for  the  24-port  blade. 

Enterasys:  www.enterasys. 
com 


Allied  Telesyn  has  announced 
a  line  of  LAN  extenders  aimed  at 
customers  who  want  to  inexpen¬ 
sively  connect  a  remote  office  to 
a  central  site  over  a  leased  line. 
The  LAN  extenders  are  designed 
to  connect  a  LAN  switch  directly 
into  a  T-1  line,  DS-3  or  ISDN  trunk. 
Businesses  interested  in  point-to- 
point  WAN  connectivity  with 
remote  sites  could  save  money 
using  the  extenders  in  place  of  a 
router,  the  company  says.  Twelve 
variations  of  the  extenders  are 
available,  and  cost  between  $695 
and  $3,000. 

Allied  Telesyn:  www.allied 
telesyn.com 


Network  Engines  last  week 
launched  a  high-end  fault-tolerant 
server  appliance  for  customers 
deploying  large  Internet  data  cen¬ 
ters.  The  WebEngine  Sierra  is  a  1 
3/4-inch-high  server  designed 
with  a  cooling  system  that  will 
allow  it  to  run  cooler  in  a  rack¬ 
mounted  environment.  The  Sierra 
uses  dual  Pentium  III  800-MHz  to 
1-GHz  processors,  allowing  up  to 
42  servers  in  a  single  rack. 

WebEngine  Sierra  starts  at 
$3,500. 

Network  Engines:  www.net 
workengines.com 
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TCP/IP,  L AIM/ W AIM  Switches ,  Routers,  Hubs,  Access  Devices, 
Clients,  Servers,  Operating  Systems,  VPIMs,  Networked  Storage 


Sanrise  unleashes  storage  services 


Start-up  offers  disk-on-demand,  data  backup  and  vaulting  services. 


PROFILE:  SANRISE 


Location; 

Dublin,  Calif. 

Founded; 

May  2000  by  David  Schneider,  CEO,  and  John  Coviello, 
executive  vice  president,  engineering 

Business: 

Managed  storage  services. 

Financing: 

$160  million 

Customers: 

General  Electric,  PricewaterhouseCoopers  and  Fidelity 
Investments. 

Competitor; 

StorageNetworks,  Storability 

Fun  fact; 

Sanrise  shares  a  three-story  office  building  with  a  government 
agency  that  is  so  secretive,  Sanrise  doesn't  know  who 
they  are. 

BY  DENI  CONNOR 

Calling  Sanrise  a  start¬ 
up  is  misleading.  The 
managed  storage  ser¬ 
vice  provider,  which  incorpo¬ 
rated  less  than  a  year  ago, 
already  has  more  than  600 
ready-made  customers  in  the 
U.S.,  Europe  and  Asia  using  its 
network  back-up  and  recovery 
services. 

The  Dublin,  Calif.,  company 
last  week  rolled  out  its  first 
suite  of  Storagetone  storage 
services  aimed  at  midsize  to 
large  companies  and  Internet 
data  centers  that  don’t  want  to 
monitor  data  capacity  and  han¬ 
dle  storage  management  themselves. 

With  Storagetone  Disk-on-Demand  ser¬ 
vice,  customers  are  offered  gigabytes  of 
high-availability  storage.  Storagetone 
Backup  and  Restore  handles  data  backup 
customized  to  the  user’s  schedule.  Storage- 
tone  Safestore  Vaulting  provides  off-site 
tape  storage. 

Sanrise  provides  services  by  installing 
“storagecels”  at  customer  locations  for  cor¬ 
porate  data  or  hosting  centers  for  Internet 


data.  A  storagecel  consists  of  Hitachi  Data 
Systems  Freedom  9900  storage  arrays,  Bro¬ 
cade  Fibre  Channel  switches  and  Stor- 
ageTek  tape  libraries.  With  Sanrise’s  Stor¬ 
agetone  services,  customers  can  choose  to 
manage  their  storage  via  management  soft¬ 
ware  located  at  a  storage  portal  called  stor- 
agetone.com  or  have  Sanrise  technicians 
manage  it. 

The  company,  founded  by  engineers 
from  AT&T  and  network-attached  storage 


vendor  Auspex,  is  looking  to 
tap  a  growing  storage 
provider  market,  says 
research  firm  Gartner 
Dataquest.  Due  to  a  shortage 
of  trained  IT  staff  and  an 
inability  to  predict  the  stor¬ 
age  capacity  a  company  net¬ 
work  will  need,  Gartner 
Dataquest  estimates  that  the 
2000  market  of  $10  million 
will  grow  to  more  than  $7 
billion  in  2003- 

“The  market  conditions 
that  enable  a  move  toward 
outsourcing  are  excellent,” 
says  Steve  Duplessie,  an  ana¬ 
lyst  with  the  Enterprise  Stor¬ 
age  Group.  “There’s  strong 
demand  and  still  no  talent.  Rather  than 
concentrating  on  a  niche  market,  the 
companies  that  are  broad-based  storage 
service  providers  are  missing  the  boat.” 

Most  of  Sanrise’s  customers  opt  for 
back-up  and  restore  services  first  and 
disk-on-demand  second,  the  company 
claims.  Disk-on-demand  provides  storage 
quickly  to  customers  on  a  leased  per- 
gigabyte  basis  as  they  grow. 

See  Sanrise,  page  20 


Intel  Developer  Forum  plays  host  to  InfiniBand 


BY  APRIL  JACOBS 

SAN  JOSE  —  Last  week’s  Intel  Devel¬ 
oper  Forum  served  as  a  showcase  for 
InfiniBand,  the  new  bus  architecture 
that  promises  to  alleviate  many  of  the 
bottlenecks  clogging  servers  and  stor¬ 
age  systems  today. 

InfiniBand  is  a  switched-fabric  I/O 
technology  that  ties  together  servers, 
network  devices  and  storage  devices. 

At  the  forum,  a  fully  meshed  Infini¬ 
Band-based  network  demonstration 
consisting  of  products  from  Intel, 
Adaptec,  Agilent  Technologies,  Com¬ 
paq,  Computer  Associates,  Crossroads, 
LSI  Logic  and  Q-Logic  showed  an 
InfiniBand  environment  by  connecting 
CPUs  with  one  another  and  with 
peripherals  such  as  storage  systems 
and  network  cards. 

Other  demonstrations  at  last  week’s 
IDF  included: 


•  Chip  maker  Banderacom;  Lane  15 
Software,  which  makes  InfiniBand  man¬ 
agement  software;  and  WindRiver  Sys¬ 
tems  teamed  to  show  off  a  Banderacom 
InfiniBand  host  server  connected  to  a 
prototype  InfiniBand  Target  Channel 
Adapter  built  with  Banderacom’s  IBan- 
dit  prototype  chip  set. 

•  3Com  demonstrated  Ethernet 
network  devices  for  connectivity. 
The  demonstration  was  designed  to 
show  how  clients  will  independently 
run  a  variety  of  high-bandwidth  appli¬ 
cations  over  InfiniBand,  such  as 
disk  backup,  MPEG-2  video  and  video- 
conferencing. 

•  VIEO’s  InfiniBand  management 
software  family,  which  is  designed  to 
help  users  set  up  and  manage  clustered 
applications. 

Accommodates  many  types  of  traffic 

Jean  Bozman,  a  research  director 


with  market  research  firm  IDC,  says 
InfiniBand’s  switch  fabric  bus  architec¬ 
ture  will  allow  users  to  accommodate 
many  types  of  traffic  that  will  increas¬ 
ingly  be  crossing  through  their  data 
See  Intel,  page  20 
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INSIDE  I/O 


The  InfiniBand  Trade  Association 
is  dedicated  to  developing  a  new  I/O 
specification  to  deliver  a  channel- 
based,  switched-fabric  technology. 
Download  a  ZIP  file  of  the  Version 
1.0  specification^  FAQ  page  and 
white  papers. 
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To  be  a  contender  in  the  new  Customer  Economy,  you 
need  to  put  the  customer  at  the  center  of  your  business. 
Avaya’s  networks  and  applications  do  just  that. 

Our  Enterprise  Class  IP  Solutions  (ECLIPS)  is  a  family 
of  IP  telephony  and  multiservice  network  solutions  and 
services  that  supports  our  new  generation  of  applications 
while  giving  you  a  no-compromise  approach  to  convergence. 
So  voice,  video  and  data  collaborate  to  deliver  a  richer 
customer  experience.  With  no  compromise  to  the  quality, 
the  reliability  or  the  feature-functionality  you’ve  come  to 
demand  from  your  networks. 

Our  solutions  are  interoperable  with  your  existing 
infrastructure,  making  it  easier  to  build,  expand, 
manage  and  monitor  enterprise  networks.  Our  IP  telephony 
solutions  deliver  outstanding  voice  quality  and  our  Cajun™ 
family  of  gigabit  Ethernet  switches  are  voice  ready  today. 

Power  your  network  with  Avaya,  and  your  customers 
become  the  real  focus  of  your  business.  And  they’ll  know  it. 
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Quantum  bolsters  network  storage  facility 

Company’s  Ml 500  tape  facility  prepped  for  companies  that  need  to  grow  storage  fast. 


BY  DENI  CONNOR 

IRVINE ,  CALIF.  —  Network 
professionals  could  better 
manage  and  troubleshoot  net¬ 
work  backups  with  a  new 
fault-tolerant  tape  library 
Quantum  announced  last 
week. 

Quantum’s  Ml  500  enter¬ 
prise  tape  library  is  modular 
and  rack  mounted,  letting  users 
upgrade  and  fit  the  device  in 
limited  space. 

Fara  Yale,  an  analyst  at  Gart¬ 
ner  Dataquest,  says  this 
upgrade  capacity  and  modular¬ 
ity  is  important  for  businesses 
that  have  unpredictable  stor¬ 
age  needs  and  must  stay  online 
at  all  times. 

Phillips  Petroleum  is  one 
such  company. 

“When  we  looked  at  the 
market,  many  of  the  libraries 
that  were  available  had  a  fixed 
number  of  tape-cartridge 


slots,”  says  Conrad  Marotta,  a 
Unix  IT  manager  for  Phillips  in 
the  U.K.  “For  instance,  if  you 
bought  the  model  with  100 
slots,  that’s  all  you  had.  With 
the  Ml 500,  you  can  buy  it  with 
one  drive  and  20  tape  slots  and 
expand  it  until  you  have  as 
many  as  10  modules  in  a  rack. 
As  your  data  increases  and  you 
need  to  expand  the  capacity  of 
the  library,  it  just  becomes  a 
bolt-on  operation.” 

The  box’s  capacity  ranges 
from  two  drives,  each  with  20 
hot-swappable  cartridges,  up 
to  20  tape  drives  and  200  car¬ 
tridges  for  more  than  16  tera¬ 
bytes  of  data  storage.  It  con¬ 
nects  to  the  network  server  via 
a  SCSI  connection  and  can 
back  up  more  than  860G  bytes 
of  data  per  hour. 

The  Ml 500  uses  a  unique 
architecture  called  StackLink 
that  lets  network  managers 
stack  up  to  10  individual  tape 


cartridges  in  modules,  remove 
and  replace  modules  without 
taking  the  library  offline,  and 
move  cartridges  from  one 
module  to  another  quickly. 

Up  to  10  modules,  each  con¬ 
taining  two  removable  10-tape 
cartridge  magazines,  can  fit  in  a 
standard  7-foot  rack.  Each  mod¬ 
ule  is  4U  (7  inches)  high.  One- 
half  of  the  tapes  can  be 
replaced  while  the  library  is 
operating.  While  the  current 
system  supports  Digital  Linear 
Tape  drives,  future  enhance¬ 
ments  will  support  two  new 
tape  technologies,  Linear  Tape 
Open  Ultrium  and  Super  DLT. 

“Quantum’s  Ml 500  is  bril¬ 
liant,”  says  Steve  Duplessie,  an 
analyst  with  the  Enterprise  Stor¬ 
age  Group.  “Customers  don’t 
have  to  start  with  a  million-dol- 
lar  library  on  day  one  if  they 
don’t  need  it.  They  can  add  as 
they  grow,  and  the  system  auto¬ 
matically  morphs  itself  as  new 


Quantum's  scalable  and  fault- 
tolerant  M1500  tape  library 
allows  for  growth,  as  well  as 
hot-swappable  tape  drives, 
which  preclude  downtime. 

modules  are  added.” 

The  tape  library  is  a 
midrange  system  for  Quantum. 
The  company  has  several  other 
models  ranging  from  the  3-tera¬ 
byte  L200  to  the  57-terabyte 
P3000.  The  Ml 500  competes 
with  tape  libraries  from 
Exabyte  and  StorageTek. 

The  Ml 500  is  fault-tolerant, 
letting  users  replace  modules 
and  drives  without  taking  the 


library  down.  It  has  redundant 
fans  and  power  supplies.  The 
Ml 500  is  user-installable  and 
comes  with  SCSI  connection 
for  attachment  to  the  network 
file  server.  Fibre  Channel  sup¬ 
port  will  be  available  this  sum¬ 
mer,  which  will  allow  the 
M 1 500  to  fit  into  popular  stor¬ 
age-area  networks. 

A  management  console  with 
an  LED  menu  on  the  front  panel 
of  the  module  contains  configu¬ 
ration,  installation  and  technical 
support  availability,  as  well  as 
scheduling  capability.  One  con¬ 
sole  can  manage  all  modules  in 
the  rack.  It  works  with  back-up 
software  from  vendors  such  as 
Computer  Associates,  Legato 
and  Veritas. 

Pricing  for  the  Ml 500  starts 
at  $18,750  for  a  20-cartridge 
library  with  one  DLT800  drive. 
The  Ml 500  ships  this  month. 

Quantum:  www. quantum, 
com 


Sun  offers  preconfigured  SAN 

Company  trying  to  make  inroads  against  storage  vendors  such  as  EMC. 


BY  ASHLEE  VANCE 

Looking  to  bolster  its  posi¬ 
tion  in  the  market  for  storage 
products,  Sun  last  week 
announced  it  is  shipping  pre¬ 
configured  storage-area  net¬ 
work  systems  designed  to 
help  customers  get  a  SAN  up 
and  running  more  quickly. 

The  package  combines 


Satirise, 

continued  from  page  17 

“People  [stink]  at  backup. 

'  It’s  a  problem  that  can  only  get 
worse  as  the  amount  of  data 
grows,  and  no  one  user  is  good 
at  managing  it.  Let  a  profes¬ 
sional  deal  with  it,”  Duplessie 
says. 

In  January,  the  company 
bought  Exodus  Communica¬ 
tions’  DataVault  back-up  and 
recovery  service,  and  assumed 
responsibility  for  supporting 
its  customers. 

Among  the  clients  are  such 
well-known  companies  as 


Sun’s  StorEdge  T3  array  and 
its  new  StorEdge  network  FC 
switch  series.  The  product  is 
available  for  Sun’s  Solaris 
operating  system  and  will  be 
released  for  Windows  NT  and 
Hewlett-Packard’s  HP-UX 
within  three  months.  IBM’s 
AIX  and  the  Linux  operating 
system  will  be  supported 
soon  thereafter,  the  company 


General  Electric  and  Fidelity 
Investments. 

The  price  of  Sanrise’s  ser¬ 
vices  differs.  For  instance, 
100G  bytes  of  storage  would 
be  available  for  about  $50  per 
gigabyte.  Backing  up  100G 
bytes  of  storage  would  cost  as 
much  as  $18  per  gigabyte. 

Sanrise:  www.sanrise.com 


says. 

The  offering  is  part  of  a 
broader  effort  by  Sun  to 
make  inroads  against  storage 
specialists  such  as  EMC. 

Sun  has  made  a  handful  of 
storage-related  acquisitions 
in  recent  months,  most 
recently  acquiring  storage 
software  vendor  LSC,  and  bol¬ 
stering  its  hardware  and  soft¬ 
ware  offerings  in  a  bid  to 
gain  ground  on  the  rival  ven¬ 
dor  (www.nwfusion.com, 
DocFinder:  3236). 

Sun  will  include  its 
StorEdge  software  with  the 
new  SAN  offering,  including 
tools  for  component  manage¬ 
ment,  volume  management 
and  dynamic  multipathing. 

The  preconfigured  SAN  sys¬ 
tem  is  shipping  immediately 
and  is  priced  from  $97,700  for 
a  327G-byte  configuration  up 
to  $481,900  for  a  5.2-terabyte 
configuration. 

Vance  is  a  correspondent 
with  the  IDG  News  Service’s 
San  Francisco  bureau. 


Intel, 

continued  from  page  17 

centers,  including  streaming 
video,  voice  and  audio  files  — 
all  of  which  now  present 
bandwidth  problems. 

The  ultimate  pervasiveness 
of  InfiniBand  systems  is 
important  for  users,  such  as 
those  of  IBM  and  Sun  gear, 
because  they  will  be  able  to 
select  from  a  multitude  of 
hardware  vendors,  not  a 
select  few. 

Easing  bottlenecks 

InfiniBand  products  should 
ease  the  bottlenecks  that 
even  the  latest  PCI-X-based 
servers  will  have  by  creating 
a  switched-fabric  backplane 
that  can  handle  500M 
byte/sec  to  6G  byte/sec 
speeds  and  offer  throughput 
of  up  to  2.5G  byte/sec.  Cur¬ 
rent  architectures  support  1G 
byte/sec. 

Intel’s  Jim  Pappas  says 
InfiniBand’s  switch  architec¬ 
ture  is  designed  to  help  net¬ 
work  managers  eliminate 
some  of  the  wiring  closet 
nightmares  they  now  face  in 
trying  to  connect  a  range  of 
devices. 

The  InfiniBand  architec¬ 
ture  calls  for  a  single  connec¬ 


tion  point  between  any  host 
device  and  a  central  Infini¬ 
Band  switch,  which  directs 
traffic  between  devices. 
Using  current  shared-bus 
technology,  such  as  a  PCI  con¬ 
nection,  each  device  must 
have  a  separate  connection 
through  a  designated  port. 

Backward  compatibility 

Pappas  says  Intel’s  current 
plans  don’t  include  backward- 
compatibility  for  servers  with¬ 
out  InfiniBand  connections. 

He  expects  most  users  will 
turn  to  Infiniband-enabled 
devices. 

But  Bozman  says  she  would¬ 
n’t  be  surprised  to  see  other 
chip  companies  come  out  with 
bridge  chips  designed  to  let 
legacy  servers  connect  to 
InfiniBand  switches  and  newer 
enabled  devices  through  a  PCI 
connector. 

The  InfiniBand  Trade  Asso¬ 
ciation,  which  is  made  up  of 
more  than  218  vendors, 
released  Version  1.0  of  the 
InfiniBand  specification  last 
fall  and  Intel  has  made  com¬ 
ponents  for  products,  such 
as  the  InfiniBand  Host 
Channel  Adapter  and  Infini¬ 
Band  Switch.  They  have  been 
available  to  manufacturers 
since  January.  Q 
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Sun  Cobalt™ 

Server  Appliances 

ready 

Out  of  the  box,  it's 

The  Sun 

ready  for  virtual  or 
dedicated  hosting, 

email  and  other 

Cobalt  server 

revenue-driving 

applications. 

appliance. 

The  first  1RU  server 

appliance  to  offer 

Plug  it  in. 

four  front-removable 

RAID  harddisk  drives 

Turn  it  on. 

Offers  RAID  levels 

0, 1  and  5  for 

And  start 

maximum  reliability 
and  flexibility. 

making  bread. 

Tough  casing  is 
impervious  to  toast 
crumbs  and  jelly. 

As  a  service  provider,  you’ve  got  to 
deliver  new  services  ahead  of  mar¬ 
ket  demands,  or  you’re  toast.  So 
we  designed  the  new  Sun  Cobalt™ 
RaQ  XTR  server  appliance  to  bring 
you  high  performance  combined  with 
turnkey  deployment.  The  RaQ  XTR’s 
integrated  software  and  easy-to-use 
web  interface  mean  you  won’t  have 
to  dedicate  IT  staff  to  manage  it.  In 
fact,  customers  can  easily  configure 
and  manage  it  themselves.  And  the 
low  price  and  compact,  stackable 
design  mean  you  can  efficiently  and 
cost-effectively  add  more  RaQ  units 
in  just  minutes.  (No,  really.  Minutes.) 
So,  what  are  you  waiting  for?  Plug  in 
a  RaQ  XTR,  and  start  hosting  content- 
rich,  interactive  web  sites  right  out 
of  the  box.  And  the  next  thing  you 
know  —  DING!  —  profits  are  up. 

sun.com/cobalt 


take  it  to  the  iV” 


Infrastructure 


Tolly  on  Technology  .  Kevin  Tolly 

Network  security’s  need  for  speed 


If  the  turnout  for  Network  World’s 
“Security  Showdown”  a  few  weeks 
ago  at  ComNet  2001  is  any  indicator, 
many  people  have  network  security  on 


their  minds.  A  question  I  made  to  Check 
Point  about  the  performance  of  soft¬ 
ware-based  security  appliances  was 
essentially  unanswered. 


Networking  today  is  all  about  broad¬ 
band  —  for  the  campus  and  the  metro¬ 
politan-area  network,  if  not  beyond.  Fast 
Ethernet  is  now  the  “small”  pipe  with 


IP  Access  for  Managed  Services 


gets  new  wings. 


Quick  Eagle  is  the  company  that’s  going  to  finally  make  managed  services  fly.  Because  our  IP  access 
platform  puts  an  entirely  new  level  of  versatility  firmly  in  your  grasp.  Quick  Eagle’s  access  devices  and 

powerful  software  monitoring  tools  give  customers  the  ability  to  select  among 
the  ports,  protocols  and  management  applications  that  best  suit  the  network's 
needs.  Providers  and  end-users  alike  will  be  able  to  enjoy 
bandwidth  on  demand,  access  options  and  custom  application  services — at  remarkably 
lower  costs.  A  series  of  service  application  packs,  which  can  be  delivered  via  the  network, 
make  the  platform  infinitely  dynamic.  Ready  to  learn  more  about  a  new  breed  of  IP  access 
for  managed  services?  Click  your  way  to  quickeagle.com. 


jy 


Quick  Eagle 

Networks 


DIGITAL  LINK 


IP  Access  for  managed  services 


Gigabit  and  Soon  10G  Ethernet  sliding 
into  the  “medium”  and  “large”  cate¬ 
gories,  respectively.  While  a  savvy  net¬ 
work  designer  may  wonder  how  fire¬ 
walls  and  VPNs  might  deal  with  10G 
Ethernet,  I  propose  we  take  a  step  back 
and  ask  that  same  question  about  Fast 
Ethernet.  The  answer  for  many  systems 
is:They  drop  packets  —  a  lot  of  packets. 

The  majority  of  network  security  sys¬ 
tems  today  essentially  are  software  sys¬ 
tems.  Just  like  last-generation  software 
routers,  traffic  from  the  network  is  fed 
“up”  into  the  system  where  software 
under  the  control  of  a  main  processor 
inspects,  encrypts  or  decrypts  the  traffic 
before  passing  it  to  the  network. 

This  is  just  like  a  software  router  — 
only  worse.  Firewall  and  security  devices 
typically  expend  more  resource  per 
packet  and,  consequently,  can  get  into  a 
processing  bind  even  when  handling  a 
small  number  of  network  interfaces. 

While  conducting  extensive  bench¬ 
marks  of  VPN/firewall  Fast  Ethernet 
throughput  last  year,  Tolly  engineers  got 
an  earful  from  vendors  when  we  deter¬ 
mined  that  “enterprise-class”  firewalls 
should  be  held  to  the  same  perfor¬ 
mance  standards  as  the  Layer  2/Layer  3 
switches.  We  soon  found  out  why. 

When  internetworking  gear  drops 
packets,  its  value  to  the  network  takes  a 
steep  decline.  Even  one  dropped  packet 
causes  sharp  increases  in  session  latency 
as  the  endstation  must  wait  for  the  lost 
packet  and,  when  it  fails  to  arrive,  initiate 
a  retransmission  sequence.  For  this  rea¬ 
son,  we  terminated  our  “no  loss”  tests 
when  packet  loss  exceeds  .001%  of  the 
offered  load. 

When  we  attempted  to  benchmark  a 
number  of  security  platforms  to  deter¬ 
mine  their  performance  levels  handling 
bidirectional  traffic,  we  got  stopped  in 
our  tracks.  In  several  cases,  we  couldn’t 
even  get  a  reading.  Even  with  only  one 
megabit  of  traffic  offered  across  a  Fast 
Ethernet  IP  Security  VPN  tunnel,  more 
than  one  packet  was  getting  discarded. 

The  vendors’  response  was  in  effect 
saying,  “The  bar  is  too  high.”  Not  only  did 
they  suggest  only  using  unidirectional 
traffic,  but  also  recommended  we  toler¬ 
ate  a  higher  frame  loss.  A  common  non 
sequitur  was  that  because  the  Internet 
exhibited  greater  than  .001%  packet 
loss,  our  tests  should  accept  similar  loss. 
Even  1%  packet  loss  means  tolerating 
almost  1,500  lost  packets  each  second, 
each  way  on  full-duplex  Fast  Ethernet. 

Security  system  vendors  are  aware 
of  this  situation.  Just  like  ASIC-based 
switches  fought  and  prevailed  in  enter¬ 
prise  and  service-provider  backbones, 
the  software  vs.  hardware  fight  is  on  in 
the  security  area.  Any  network  manager 
looking  to  secure  true  high-performance 
networks  better  take  heed. 

Tolly  is  chairman  and  CEO  of  Tolly 
Research  and  founder,  president  and 
CEO  of  The  Tolly  Group.  He  can  be 
reached  at  ktolly @  tolly.com. 
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Ethernet  Everywhere' 

www.extremenetworks.com/go/nw.htm  888-257-3000,  ext.  3131  (U.S.)  +1  408-579-3131  (Outside  U.S.) 


Dr.  Kamran  Sistanizadeh, 

Chief  Technology  Officer, 
Yipes  Communications,  Inc. 


A  Satisfied  Customer  Since  1999 


If  the  look  on  the  CTO's  face  is  any  indication,  Yipes  Communications,  Inc.  is  one  happy  camper.  Yipes  — 
the  defining  provider  of  Ethernet-based  metropolitan  optical  networks  for  IP  services  —  is  offering 
businesses  in  over  20  major  U.S.  cities  a  fast,  scalable  and  extremely  affordable  alternative  to  ATM  and 
SONET.  Because  of  Extreme  Networks'  Alpine'"  BlackDiamond®  and  Summit®  switches,  Yipes  can  provision 
its  customers  with  bandwidth  on  demand  —  from  1  Mbps  to  1  Gbps  —  over  the  same  strand  of  fiber. 
A  powerful  networking  solution  that's  a  dream  come  true  —  for  everyone  except  the  competition. 


These  days,  your  business  has  to  be  a  global  e-business.  Global  locations  have  to  be  synchronized 
so  you  can  make  better  decisions  and  make  them  faster.  Sprint  understands  mission-critical  data  has  to  flow  so  you  can 
help  boost  productivity.  With  Sprint  global  data  solutions,  you'll  benefit  from  the  enhanced  reliability,  security  and 
performance  provided  by  our  acclaimed  global  network  for  your  Internet,  intranet,  extranet,  remote  access  applications 
and  mission  critical  data.  Sprint  has  the  flexible  data  solutions  backed  by  dependable  customer  support  and  service  you 
need  to  connect  your  company's  remote  offices  —  including  international  locations  —  for  maximum  data-sharing 
efficiency.  Our  domestic  and  international  data  solutions  can  not  only  meet  your  business  productivity  needs  today  but 
also  keep  pace  as  your  enterprise  grows  globally.  We're  giving  you  the  ability  to  take  on  the  world. 

Let's  make  contact: 

Experience  Sprint  Global  Data  Solutions  at  www.sprintbiz.com/data_solutions  or  call  1  877  203-7263. 


The  point  of  contact 


Briefs 


Qwest  Communications  this 
summer  plans  to  seek  permission 
from  federal  regulators  to  offer 
long-distance  services  in  one  of 
the  14  states  where  it  provides 
local  service,  CEO  Joseph  Nac- 
chio  says. 

Applications  for  the  other  13 
states  will  follow  later  this  year 
and  early  next  year.  Nacchio 
made  the  comments  at  a  confer¬ 
ence  of  state  regulatory  officials 
in  Washington,  D.C.,  last  week. 
Qwest  had  to  stop  offering  long¬ 
distance  services  in  the  14  states 
eight  months  ago  when  it 
acquired  US  West,  which  pro¬ 
vides  local  services  in  the  states. 
The  service  provider  will  be 
allowed  to  re-enter  the  long-dis¬ 
tance  market  in  the  14  states  once 
it  can  prove  there  is  competition 
in  the  local  services  market.  Nac¬ 
chio  pointed  to  recent  wholesale 
agreements  with  McLeodUSA  and 
Eschelon  Telecom  as  evidence 
that  Qwest  is  promoting  local 
competition. 

Network  executives  looking  to 
buy  voice,  data,  Internet  or  host¬ 
ing  services  can  search  for  ven¬ 
dors  via  a  new  Web  site  run  coop¬ 
eratively  by  services  auction  site 
Carrier  Choice  and  IT  consultant 
Computer  Aid. 

Enterprise  users  can  go  to  the 
site  and  enter  their  service 
needs.  Up  to  30  service  providers 
then  bid  on  the  services  online. 

Providers  that  bid  on  the  con¬ 
tracts  include  AT&T,  Sprint, 

Digex,  Epoch  Internet,  Exodus 
Communications,  Global  Cross¬ 
ing,  Globix,  HarvardNet,  Inter- 
liant.  Intermedia  Communica¬ 
tions,  WorldCom,  Onyx  Networks, 
PSINet,  SAVVIS,  Servlnt  Internet 
Services,  Teleglobe,  UUNET  and 
Verio.  Carrier  Choice  runs  its 
own  Web  site  and  has  coopera¬ 
tive  Web  site  relationships  with 
other  providers. 

Carrier  Choice:  www.carrier 
choice.com 


Carriers  &  I 


■  The  Internet ,  Extranets,  Interexchange 

anti  Local  Carriers,  Wireless,  Regulatory  Affairs 

DSL  lawsuits  multiply  in  California 


Pacific  Bell  charged  with  selling  mass-market  service  before  it  was  ready  to  provision. 


BY  DAVID  ROHDE 

Dominant  California  local  carri¬ 
er  Pacific  Bell  is  battling  at 
least  three  class-action  law¬ 
suits  over  its  mass-market  DSL  offerings, 
part  of  a  coast-to-coast  wave  of  disgust 
over  Bell  DSL  promotional  practices. 

Last  month  a  law  firm  in  San  Francisco 
filed  suit  against  Pacific  Bell  Internet  Ser¬ 
vices  (PBIS)  over  what  it  claims  was  a 
fraudulent  consumer  offer  of  several  free 
months  of  DSL  service  tied  to  the  pur¬ 
chase  of  a  Compaq  Presario  PC. 

Pacific  Bell’s  offer  last  September  guar¬ 
anteed  free  DSL  service  through  the  end 
of  2000,  and  the  firm’s  client,  a  resident 
of  Richmond,  Calif.,  says  she  didn’t  get 
DSL  until  2001,  eliminating  the  free  ben¬ 
efit.  The  lawyer,  S.  Chandler  Visher,  last 
week  told  Network  World  that  he  has 
since  received  about  100  similar  com¬ 
plaints,  some  alleging  additional  billing 
problems. 

Visher’s  suit  joins  two  earlier  com¬ 
plaints  against  Pacific  Bell.  One  is  a  Los 
Angeles  lawsuit  principally  charging 
Pacific  Bell  with  advertising  DSL  before  it 
knew  it  had  the  network  and  technicians 
to  widely  install  it.  . 

Another  is  a  San  Diego  class-action  suit 


What  brings  Pac  Bell  to  court? 

Critical  numbers  in  the  various  DSL 
lawsuits  against  Pacific  Bell: 

•  Number  of  hours  Pacific  Bell  technicians  have 
to  respond  under  California  law:  Four 

•  Typical  promised  installation  interval  after 
order  placement:  One  month 

•  Amount  of  money  SBC  subsidiaries  spent 
advertising  DSL  in  1999:  $231  million 

•  Number  of  customers  affected  by  Pacific 
Bell's  DSL  "missteps":  At  least  45,000, 
according  to  the  Los  Angeles  lawsuit 


joined  by  the  California  consumer  group 
Utility  Consumer  Action  Network 
(UCAN)  charging  that  Pacific  Bell 
botched  or  lost  orders,  billed  for  service 
before  installation  and  interfered  with 
competitors’  DSL  orders. 

Pacific  Bell  spokesman  John  Britton 
said  he  couldn’t  comment  on  the  San 
Francisco  lawsuit  because  it  hasn’t  been 
served  on  Pacific  Bell’s  lawyers.  But  he 
said  Pacific  Bell’s  parent,  SBC  Communi¬ 
cations,  “leads  the  world  in  deploying 
DSL”  with  767,000  working  lines  as  of 
Jan.  1.  Those  include  installations  by  SBC 


subsidiaries  Southwestern  Bell, 
Ameritech  and  Southern  New  England 
Telephone. 

Britton  admitted  that  Pacific  Bell  “hit 
some  speed  bumps”  as  it  ramped  up  DSL. 
But  he  said  Pacific  Bell  has  fixed  any 
early  problems,  largely  due  to  a  self¬ 
install  program  with  Compaq  that  now 
handles  70%  or  more  of  orders  made  via 
the  Compaq  promotion. 

Visher  says  potential  class-action  plain¬ 
tiffs  calling  his  office  after  he  filed  suit 
beg  to  differ.  “They’re  worse  than  the  IRS 
in  terms  of  how  long  it  takes  to  get  to 
somebody,”  he  says.  One  potential  new 
plaintiff  who  ordered  the  Compaq  PC  and 
DSL  line  in  September  has  encountered 
representatives  from  Pacific  Bell  and  Com¬ 
paq  blaming  each  other  for  the  fact  that 
“today  he  still  doesn't  have  a  working  sys¬ 
tem, ’’Visher  says. 

Other  customers  have  endured  chronic 
billing  problems  in  which  a  charge  for 
DSL  service  starts  appearing  once  the  ser¬ 
vice  is  ordered  but  before  it’s  installed. 
The  customers  have  to  call  Pacific  Bell 
every  month  to  have  the  charge  removed 
until  the  DSL  line  comes  up. 

Visher’s  original  plaintiff  signed  a  two- 
year  contract  for  DSL  service  with  the 
See  Lawsuits,  page  28 


Broadwing  offers  stronger  mgmt.  tools  for  VPNs 


BY  DENISE  PAPPALARDO 

AUSTIN,  TEXAS  —  Broadwing  Commu¬ 
nications  claims  customers  can  keep  a  bet¬ 
ter  handle  on  their  VPNs  with  enhanced 
tools  the  carrier  announced  last  week. 

Broadwing  eClass  IP  VPN  users  can 
now  change  traffic  prioritization,  create 
or  delete  remote  user  access  privileges, 
access  additional  network  performance 
reports,  and  create  and  track  trouble  tick¬ 
ets  right  from  their  desktops. 

Since  the  provider  launched  its  VPN 
service  last  June,  it  has  updated  and 
tweaked  its  Customer  Network  Manage¬ 
ment  Service  (CNMS)  software  to  offer 
more  control,  says  Tony  Tomae,  vice  presi¬ 
dent  of  Internet  and  data  serv  ices. 

While  the  CNMS  tools  were  available 
when  the  VPN  service  was  launched,  the 


software  was  limited.  Now  users  can 
change  traffic  prioritization  on  the  fly.  If  a 
company’s  CEO  is  addressing  employees 
via  a  live  videostream,  the  network  man¬ 
ager  can  give  that  traffic  top  priority. 

Broadwing  is  using  Differentiated  Ser¬ 
vices  to  set  prioritization,  which  is  sup¬ 
ported  on  the  Nortel  Networks  Shasta 
devices  that  are  the  heart  of  the  service 
provider’s  network-based  VPN  service. 

Customers  can  now  create,  delete 
or  modify  dial-up  remote-access 
accounts  with  the  enhanced  tools.  “In 
the  past,  customers  had  to  call  our  800 
number  to  add  or  delete  users,  and  that 
wasn’t  productive  on  the  user  side  or 
the  carrier  side,  especially  if  you’re  try¬ 
ing  to  manage  1,000  remote  users,” 
Tomae  says. 

Before  the  CNMS  enhancement,  users 


could  only  access  monthly  network  per¬ 
formance  reports  that  measured  latency 
between  cities  on  the  carrier’s  network. 
Now  users  can  view  daily  and  weekly 
reports.  3 
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FREE  MPLS  SEMINARS 


CHICAGO,  IL 
RTP,  NC 
ATLANTA,  GA 
DALLAS,  TX 
DENVER,  CO 
SANTA  CLARA,  C  A 
SAN  DIEGO,  CA 
BOSTON,  MA 
NY/NJ 


March  13 
March  14 
March  15 
March  20 
March  2 
March  22 
March  23 
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WASH.  DC  March  29 


Adtech  and  SmartBits  MPLS  performance  analysis  tools  offer  you  the  industry's 
first  solution  for  assessing  the  viability,  performance  impacts  and  scalability  of 
MPLS  technology. 


Spirent,  The 
World  Leader 
In  Performance 
Analysis  Solutions, 
manufactures  the 
award-winning  Adtech,'  . 
DLS,  CSS,  Hekimian, 


Metrah.m,  Net-HOPPER, 

■ 

SmartBits;  TAS,  and  Zarak 


product  lines. 


(800)  927-2660 


You  can  use  the  MPLS  performance  analysis  tools  to  accurately  recreate  the 
complexity  and  dynamic  nature  of  MPLS  traffic  and  traffic  management 
prior  to  deployment  on  live  networks,  greatly  minimizing  risks  when 
introducing  MPLS  systems,  and  accelerating  the  time  to  market  for 
MPLS-based  products. 


www.spirentcom.com/mpls 


Toward  a  new  generation  of  user  groups 


There’s  something  about  the 
nationwide  wave  of  DSL  cus¬ 
tomer  service  disaster  stories  that  has 
touched  a  nerve. All  over  the  Internet, 


sites  and  organizations  are  popping 
up  to  battle  the  big  carriers  over  rot¬ 
ten  DSL  service,  and,  while  they’re  at 
it,  a  lot  of  other  problems  as  well. 


If  you  haven’t  had  the  chance, 
check  out  a  few  of  the  following: 
www.ihatethephonecompany.com, 
www.consumersvoice.org,  www.find- 
betterservice.com,  www.xdslre- 
source.com,  www.uswestsucks.net 
(and  its  sister  site,  www.tsewq.com 
—  that’s  Qwest  spelled  backward), 
www.worldwidewait.com  and  www. 
bradlands.com/misc/adslhell.html. 

Some  of  these  sites  and  groups  can 
be  crude  or  amateurish,  and  as  always 
there’s  potential  for  infiltration  and 
manipulation  by  rivals  to  whatever  car¬ 
rier  is  being  criticized.  (Example: 
www.voicesforchoices.org,  a  new, 
slightly-too-slick  anti-Bell  organization 
with  the  telltale  AT&T  listed  among  its 
members.) 

Still,  there’s  a  lesson  for  the  old-line 
business  telecom  user  groups  in  this 
grass-roots  anger:  You  gotta  find  out 
what  keeps  people  up  at  night  and 
make  those  your  issues  to  attack.  As  it 
happens,  this  lesson  may  have  to  be 
learned  by  a  whole  new  generation  of 
user  groups. The  old  generation,  literally 
going  back  more  than  50  years,  is  now 
almost  moribund. 

The  last  to  stumble  is  the  Internation¬ 
al  Communications  Association  (ICA),  a 
once-prestigious  organization  founded 
in  1948  that  brought  together  billions  of 
dollars  of  corporate  telecom  spending 
power  to  serve  as  the  voice  of  the  user. 

Now  after  years  of  slow  decline,  the 
ICA  is  scrambling  to  find  a  place  for  its 
annual  meeting,  having  been  all  but 
booted  out  of  the  SuperComm  trade 
show  (www.nwfusion.com,  DocFinder: 
3230). 

The  reasons  for  ICA’s  troubles  —  fol¬ 


lowing  similar  woes  of  several  other 
groups  mentioned  in  the  article  —  are 
rooted  in  a  sense  of  policy  inertia.  As 
this  column  has  warned  in  the  past,  ICA 
has  continued  to  focus  on  extremely 
old-fashioned  voice  telecom  issues  right 
on  through  the  Internet  revolution.With 
no  apparent  attempt  to  really  probe  its 
members’  opinions,  ICA  has  mostly 
injected  itself  in  largely  intercarrier 
debates  having  to  do  with  the  formulas 
under  which  carriers  pay  each  other  for 
access  and  universal  service. 

All  this  has  happened  while,  right 
under  its  nose,  a  veritable  installation 
and  provisioning  crisis  for  everything 
from  asymmetric  DSL  service  for  the 
residential  user  to  OC-3  links  for  the 
Fortune  100  have  overwhelmed  carri¬ 
ers  mired  in  energy-sapping  mergers, 
divestitures  and  other  assorted 
reorganizations. 

The  next  group  that  comes  along 
to  represent  business  voice  and  data 
users  should  consider  demanding 
meetings  with  carrier  CEOs,  not  just 
joining  in  Washington  alliances  to 
make  me-too  filings  before  the  Fed¬ 
eral  Communications  Commission. 
But  even  in  Washington,  government 
officials  anxiously  await  briefings  by 
genuine  user  groups  backed  by 
strong  internal  research  and,  dare  I 
say  it,  a  bit  of  passion. 

New  FCC  Chairman  Michael  Powell 
has  admitted  he’s  spent  so  much  time 
since  1997  as  an  FCC  commissioner 
listening  to  rival  groups  of  vendors 
argue  the  issues  that  he  sometimes 
loses  track  of  where  the  real  user  ben¬ 
efit  lies.  Anyone  available  to  help  Mr. 
Powell  out? 

Rohde  is  managing  editor  of  The 
Edge  section  of  Network  World.  He 
can  be  reached  at  drohde@nww.com. 
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Lawsuits, 

continued  from  page  25 

Compaq  PC  and  expected  delivery  in 
30  days  in  accordance  with  contract 
language.  Visher  claims  the  offer  of  free 
service  through  the  end  of  2000  consti¬ 
tutes  “fraud  in  inducement”  because 
the  year  came  and  went  without  the 
DSL  line  being  installed. 

Although  the  benefit  lost  was  “free,” 
Visher  says  the  plaintiff  still  suffered 
damages  because  the  effect  of  the  con¬ 
tract  was  to  offer  more  than  24 
months’  service  for  the  stated  price, 
and  because  signing  the  contract  pre¬ 
vented  the  plaintiff  from  seeking  alter¬ 
nate  providers. 

Much  the  same  charge  appears  in 
the  Los  Angeles  suit  filed  by  the  firm  of 
Stull,  Stull  &  Brody.  The  complaint  says 
Pacific  Bell  “failed  to  construct  and 
maintain  an  adequate  telecommunica¬ 
tions  infrastructure”  to  support  its  DSL 
ad  campaign  and  did  so  “in  its  rush  to 
quash  the  efforts  of  its  competitors  in 


the  high-speed  Internet  access  service 
industry.” 

In  similar  fashion,  SBC  unit  South¬ 
western  Bell  faces  charges  of  failing  to 
develop  enough  backhaul  capacity  for 
its  DSL  customers  in  a  class-action  law¬ 
suit  filed  last  August.  Verizon  is  under 
the  gun  in  recent  court  cases  focusing 
on  DSL  network  performance  and  tech¬ 
nical  service. 

The  California  lawsuits  generally  note 
complications  arising  from  the  fact  that 
Pacific  Bell  DSL  installations  involve 
three  subsidiaries:  Pacific  Bell  for  the 
local  loop,  PBIS  for  Internet  access  and 
Advanced  Solutions,  Inc.  (ASI),  an  SBC- 
wide  data  subsidiary  responsible  for  DSL 
gear.  ASI  technicians  have  had  to  stop 
and  call  Pacific  Bell  to  open  trouble  tick¬ 
ets  when  they  can't  achieve  “sync”  on 
the  line,  concedes  Pacific  Bell’s  Britton. 
“That's  definitely  slowed  down  the 
process,”  he  says. 

The  UCAN-backed  San  Diego  lawsuit 
is  online  at:  www.ucan.org/law_poli- 
cy/teledocs/DSLpacbell.html.  U 
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Carriers  8  ISPs  Special  Focus 


Shedding  new  light 
on  dark  fiber 


BY  MICHAEL  MARTIN 

Enterprise  customers  are  finally  seeing  the  light 
when  it  comes  to  obtaining  huge  chunks  of 
bandwidth  in  campus  and  metropolitan-area 
networks. 

Large  organizations  now  have  the  option  of 
getting  out  of  the  business  of  leasing  and  light¬ 
ing  dark  fiber  themselves,  and  moving  to  multigigabit 
wavelength  services  managed  by  service 
providers. 

There  are  several  reasons  for  looking  at 
making  the  shift,  but  chief  among  them  is 
ease  of  management. 

Large  enterprise  customers  first  began 
leasing  dark  fiber  from  service  providers 
in  the  early  1990s. Their  data  needs  were 
exploding,  and  the  SONET  and  ATM  ser¬ 
vices  offered  by  carriers  were  expensive 
and  not  very  efficient  at  transporting 
protocols  such  as  Enterprise  Systems 
Connection,  Fibre  Channel  and  Ethernet. 

So  instead  of  paying  for  traditional  car¬ 
rier  services,  large  companies  —  espe¬ 
cially  financial  institutions  —  began  leas¬ 
ing  chunks  of  fiber  between  their 
facilities,  lighting  the  lines  with  their 
own  switches  and  managing  the  fiber 
connection  end-to-end. 

But  the  recent  advent  of  dense  wave¬ 
length  division  multiplexing  (DWDM)  and  its  grow¬ 
ing  presence  in  MANs  has  the  potential  to  lessen  the 
appeal  of  leasing  dark  fiber  in  this  manner. 

DWDM  multiplies  the  bandwidth  potential  of  fiber 
many  times  over  by  allowing  a  single  fiber  strand  to 
carry  multiple  wavelengths  of  light.  For  instance,  Nor¬ 
tel  Networks’  OPTera  Metro  5000  series  optical  plat¬ 
forms  can  carry  up  to  64  wavelengths  across  one 
fiber  ring. 

Managed  wavelength  services  are  available  from  a 
variety  of  service  providers,  including  360networks, 
Metromedia  Fiber  Network,  Level  3,  Global  Crossing, 
XO  Communications  and  AT&T.  While  the  service 
price  will  vary  depending  on  fiber  availability  and  the 
exact  services  ordered,  all  these  firms  are  looking  for 
very  large  customers  that  will  sign  long-term  con¬ 
tracts  worth  millions. 

For  example,  AT&T  expects  customers  who  sign 
up  for  its  recently  announced  DWDM-based  Ultravail- 
able  Broadband  Network  service  to  spend  between 
$10  million  and  $100  million  over  the  course  of  a 
five-year  contract.  Ultravailable  Broadband  Network 
provides  metropolitan-area  connections  at  up  to  2.4G 
bit/sec. 

Other  firms,  including  Cogent  Communications 
and  Yipes  Communications,  offer  Ethernet  services 
over  optical  wavelengths  aimed  at  smaller  busi¬ 
nesses.  Cogent’s  services  begin  at  $1,000  per  month 
for  a  100M  bit/sec  Internet  connection.  But  Yipes’ 
and  Cogent’s  services  don’t  provide  the  same  band- 


DARK  FIBER 

Wavelength  services  are 
giving  companies  more 
network  options. 


width  or  service-level  agreements  that  providers  are 
targeting  at  larger  companies. 

GiantLoop  Network,  a  Waltham,  Mass.,  service 
provider,  offers  optical  and  professional  services  to 
Fortune  250  companies,  focusing  specifically  on 
financial  institutions.  Although  GiantLoop  doesn’t 
own  any  fiber,  the  company  will  obtain  fiber  for  its 
customers,  light  it  and  manage  the  customers’  net¬ 
works. The  firm  supports  several  protocols  running 
across  optical  wavelengths  in  metropolitan,  campus 
and  intercity  networks. 

Jon  Oltsik,  GiantLoop  s  vice  president  of  corpo¬ 
rate  marketing,  says  there  are  a  number  of  advantages 
to  a  company  choosing  an  outsourced,  managed 
wavelength  service,  rather  than  setting  up  its  own 
dark  fiber  network  or  buying  SONET  services. 

One  is  cost.  If  a  firm  wants  to  run  its  own  services 
over  dark  fiber,  it  must  pay  for  a  dark  fiber  lease, 
switches  to  light  the  fiber,  management  platforms  and 
specialized  personnel  to  run  the  network. The  optical 
expertise  required  to  run  wavelength  services  over 
dark  fiber  is  difficult  to  find  and  expensive,  Oltsik 
notes,  so  many  companies  would  rather  not  run  their 
own  wavelength  services. 

Another  advantage  is  simplicity,  Oltsik  says.  Optical 
wavelengths  let  protocols  be  transported  in  their 
native  formats  with  no  conversion  required  at  either 
end  of  the  connection.  Companies  also  might  find  it 
difficult  to  engage  in  negotiating  long-term  leases  on 
fiber  routes,  which  is  an  art  in  itself,  he  adds. 


“You  end  up  getting  into  areas  where  the  skill 
sets  of  your  IT  people  are  very  limited,”  Oltsik  says. 

Another  advantage  wavelength  services  have 
over  dark  fiber  and  traditional  SONET  services  is 
that  they  can  be  deployed  quickly,  Oltsik  says.  If  a 
customer  needs  more  bandwidth,  all  a  service 
provider  has  to  do  is  add  another  wavelength  by 
placing  a  new  line  card  in  the  carrier  switch  —  not 
more  bulky  equipment  and  fiber. 

“When  you  order  services  from  us, 
you’re  not  losing  any  time  compared  to 
what  you’d  be  waiting  for  with  SONET,” 
Oltsik  says. “But  when  you  need  more 
bandwidth,  for  us  to  put  that  up,  it’s 
a  matter  of  days,  rather  than  the 
weeks  or  months  new  SONET  services 
can  take.” 

Still,  the  question  of  whether  a  com¬ 
pany  should  forsake  dark  fiber  for  man¬ 
aged  wavelengths  isn’t  an  easy  one  to 
answer,  says  Rosemary  Cochran,  principal 
with  research  firm  Vertical  Systems 
Group. 

“It’s  not  easy  to  do  a  comparison  of 
what  it  will  cost  to  do  it  yourself  and 
what  it  would  cost  for  a  service  provider 
to  do  it  for  you,”  she  says. 

Certainly  no  company  that’s  already 
operating  its  own  dark  fiber  network  is 
going  to  shut  its  network  down  until  it  has 
to  do  so,  Cochran  says.  Reasons  for  moving  to  a  man¬ 
aged  service  might  include  new  applications,  a  short¬ 
age  of  bandwidth  or  difficulty  retaining  qualified  IT 
staff,  she  says. 

Another  factor  weighing  against  moving  to  a 
managed  wavelength  service  is  that  many  of  the 
providers  offering  them  are  not  traditional  incum¬ 
bent  local  exchange  carriers.  Some  providers  sell 
only  on  a  wholesale  basis,  while  others  have  offer¬ 
ings  aimed  at  large  enterprise  customers. 

“These  services  are  offered  mostly  by  start-up  ser¬ 
vice  providers,  and  no  one  wants  to  make  a  move 
that  may  be  a  risk,”  Cochran  says. 

Even  though  it  may  be  more  expensive  to  use  a 
combination  of  dark  fiber  and  SONET  services  from 
traditional  carriers,  many  companies  will  want  to 
stick  with  the  tried  and  true,  rather  than  taking  a 
chance  on  an  unknown  entity. 

“If  it  ain’t  broke,  they  likely  aren’t  going  to  try  to 
fix  it,”  Cochran  says. 

Large  companies  aren’t  the  only  customers  flock¬ 
ing  to  wavelength  services.  In  fact,  the  biggest  con¬ 
sumers  of  such  services  are  carriers,  ISPs  and  applica¬ 
tion  service  providers  that  buy  wholesale  bandwidth 
from  other  service  providers. 

“A  lot  of  large  carriers  are  looking  at  waves,”  says 
Sunita  Krishna,  a  product  manager  at  Williams  Com¬ 
munications,  a  bandwidth  wholesaler  in  Tulsa,  Okla. 
“They  want  to  focus  on  the  IP  layer,  and  they  want  us 
to  focus  on  the  optical  layer.”  S 


Waving  goodbye  to  dark  fiber 

Wavelength  services  have  several  advantages  over  traditional  SONET 
and  dark  fiber. 

Advantages: 

•  Service  provider  handles  network  and  equipment  from  edge  of  customer  premises. 

•  Provider  manages  wavelength  services,  freeing  IT  staff  from  transporting  multiple 
protocols  over  one  infrastructure. 

•  Bandwidth  can  be  added  in  days,  not  months  as  with  traditional  OC-3. 

•  Unlike  dark  fiber,  wavelength  services  don't  require  20-year  leases  or  buildouts  to 
new  sites. 

Disadvantage: 

•  Wavelength  services  are  generally  available  only  in  business  districts  of  large  cities. 
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Issa  Gerami, 

Network  Manager,  Acte  I  Corp. 


VPN  !  ATM  !  FRAME  RELAY  I  CO-LOCATION  I  EQUIPMENT 

When  the  Network  Manager  of  Actel  needed  to  expand 
and  upgrade  his  network,  he  couldn't  afford  to  throw  out 
the  baby  with  the  bath  water.  So  Issa  Gerami  turned  to 
Configure.  In  return  he  got  a  well-considered  assessment 
of  how  his  needs  had  changed  as  well  as  a  solid  strategy 
for  meeting  them.  By  optimizing  Actel's  existing  infrastruc¬ 
ture  and  then  migrating  new  capabilities  onto  it,  Configure 
provided  a  solution  that  not  only  enhanced  network  per¬ 
formance  —  it  accommodated  Actel's  changing  require¬ 
ments  while  preserving  the  value  of  its  previous  invest¬ 
ments.  Imagine  what  we  could  do  for  you. 

_  Cisco  Systems 

Network  Design  |  Network  Optimization  \  Network  Performance  \  Network  Equipment  Sales 
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Briefs 


A  group  of  conservative  think 
tanks  last  week  wrote  Congress 
panning  a  growing  number  of 
calls  to  split  regional  Bell  operat¬ 
ing  companies  into  wholesale  and 
retail  units,  with  the  wholesale 
companies  making  local  loops 
equally  available  to  all  service 
providers.  The  groups,  including 
the  Cato  Institute,  the  Progress  & 
Freedom  Foundation  and  Citizens 
for  a  Sound  Economy,  said  they 
feared  such  a  move  would  cause 
competitive  local  exchange  carri¬ 
ers  and  the  new  wholesale  loop 
companies  to  skimp  on  new  infra¬ 
structure  investment.  The  letter  is 
available  at:  www.pff.org/Sep 
arateSubLetter022701  ,htm 

Motorola  last  week  announced 
it  plans  to  integrate  Convergent 
Networks'  ICServiceWorks  soft- 
switch  technology  into  Motorola's 
voice-over-IP  product  family. 
Motorola's  Broadband  Communi¬ 
cations  Sector  unit  targets  its 
voice-over-IP  gear  at  cable  opera¬ 
tors  with  hybrid  fiber-coaxial 
infrastructure.  Motorola  also  said 
it's  taking  an  equity  investment  in 
Convergent. 

Convergent:  www.convergent 
net.com 

Optical  component  and  subsys¬ 
tem  maker  Southampton  Photon¬ 
ics  has  conceived  a  design  and 
fabrication  process  that  will  let 
carriers  increase  the  number  of 
wavelengths  on  one  fiber,  increas¬ 
ing  capacity  and  lowering  costs. 

The  process  increases  the 
speed,  consistency  and  precision 
of  fiber  Bragg  gratings,  compo¬ 
nents  for  filtering,  routing  and 
conditioning  individual  wave¬ 
lengths  in  a  dense  wave  division 
multiplexing  system.  It  uses 
generic  instead  of  custom  phase 
masks  when  etching  gratings  into 
fiber  using  ultraviolet  light,  which 
can  pack  up  to  320  colors  —  an 
eightfold  increase  —  onto  one 
fiber. 


Service  provider  developments  at 
the  juncture  between  the  enterprise 
and  the  new  public  network 


Vendors  pitch  plans  for  MTU  buildouts 


BY  DAVID  ROHDE 

Two  vendors  are  trying  to  add 
juice  to  the  broadband  multi¬ 
tenant  unit  market  —  one  with  a 
break  from  a  past  pure  optical  play;  the 
other  with  a  combo  offer  of  gear  for  com¬ 
mon  wiring  closets  and  tenant  office 
suites. 

Passive  optical  network  (PON)  vendor 
Quantum  Bridge  is  planning  an  intermedi¬ 
ate  switch  platform  for  MTU  sites  called 
QB3000  Optical  Access  Switch. 

The  compact,  seven-slot  device  is  meant 
to  fit  between  Quantum  Bridge’s  flagship 
QB5000  for  carrier  locations  and  Intelli¬ 
gent  Optical  Terminal  GOT)  for  customer 
sites,  which  trade  optical  streams  in  a  fiber- 
to-the-curb  or  “passive  optical”  setup. 

The  QB3000  supports  the  same  OC-3 
and  OC-12  service  modules  as  the  larger 
chassis  —  with  the  cards  turned  on  their 
sides  —  but  adds  generic  Ethernet  andT-1 
interfaces.  The  idea  is  to  provide  local  or 
metro  Ethernet  connections  for  data  and 
T-ls  for  PBXs,  says  Jay  Dix,  Quantum 
Bridge’s  director  of  product  marketing. 

The  QB3000  can  also  substitute  for  the 
QB5000  in  smaller  carrier  points  of  pres¬ 
ence  (POP)  or  collocation  sites.  Alterna- 


Access  flexibility 

Quantum  Bridge's  seven-slot  QB3000 
Optical  Access  Switch  comes  with  the 
following  service  module  options: 


•  24-port  Ethernet 
switch 

•  1 6-port  T-1/E-1 

•  OC-12  ATM 


•  Quad  OC-3  ATM 

•  Dual  OC-3  ATM/time- 
division  multiplexing 
gateway 


tively,  even  while  sitting  in  an  MTU  com¬ 
mon  wiring  closet,  the  QB3000  can  serve 
as  a  “virtual  POP”  extending  the  PON  to 
nearby  buildings  outfitted  with  the  IOT. 

Quantum  Bridge  has  been  selling  to 
telecom  and  cable  carriers  going  after 
office  parks  as  well  as  the  multitenant  resi¬ 


dential  market,  but  the  vendor’s  pure  PON 
platform  limited  its  appeal,  says  Aberdeen 
Group  analyst  Andy  McCormick.  “In  the 
business  market,  they  like  dedicated  cir¬ 
cuits,”  he  says. 

A  newer  start-up,  Connecticut  firm 
Kenetec,  has  its  own  take  on  the  MTU  mar¬ 
ket,  noting  that  most  vendors  for  MTU 
common  wiring  closets  aren’t  the  same 
ones  supplying  tenants  with  integrated 
access  devices.  So  Kenetec  has  introduced 
a  coordinated  family  of  switching  equip¬ 
ment  that  creates  what  it  dubs  a  “Services- 
oriented  Building  Area  Network,”  or  SBAN. 

Kenetec ’s  family  begins  with  the  Edge 
Xpress  1000  Service  Access  Unit,  which 
provides  a  combination  of  plain  old  tele¬ 
phone  service  telephony,  voice  over  IP  or 
voice  over  ATM,  plus  100M  bit/data  access. 
That  connects  with  the  EdgeXpress  5000 
Series  Service  Exchange  Platform  —  a  fam¬ 
ily  of  four-,  eight-  and  17-slot  access  aggre¬ 
gators  with  a  range  of  NxT-l,T-3,OC-3  and 
wireless  WAN  interfaces.  The  two  boxes 
together  coordinate  IP  and  ATM  class-of- 
service  tagging. 

The  EdgeXpress  1000  starts  at  $2,395 
and  the  EdgeXpress  5000  at  $28,995. 
Kenetec  also  offers  the  EdgeManager  Ser¬ 
vice  Provisioning  System  at  $9,995. □ 


Luxcore  touting  a  breakthrough  photonic  router 


BY  JIM  DUFFY 

ATLANTA  —  Pundits  say  electronics 
will  always  be  needed  in  optical  network¬ 
ing  because  routing  intelligence  cannot 
yet  manifest  itself  in  photons  and  will  not 
be  able  to  do  so  for  many  years. 

But  if  electronics  are  necessary,  an  “end- 
to-end,  all-optical”  network  will  never  be 
achieved.  Moreover,  converting  signals 
from  electrons  to  light  and  back  saps  net¬ 
work  performance  and  eats  fiber  capacity. 

One  firm,  however,  says  it  is  ready  to 
demonstrate  what  it  claims  is  the  first  pho¬ 
tonic  router  that  eliminates  optical-to-elec- 
trical  conversions  and  costs  50%  less  to 
implement  than  today’s  alternative.  This 
would  be  a  breakthrough,  as  photonic 
routers  —  ones  that  perform  Layer  3  pro¬ 
cessing  on  packets  optically  —  are  not 
expected  for  many  years. 

In  two  weeks,  Luxcore  will  display  at 
the  Optical  Fiber  Consortium  (OFC)  con¬ 
ference  in  Anaheim,  Calif.,  what  it  calls  a 
“third-generation”  optical  router  that  costs 


half  as  much  as  the  dense  wave  division 
multiplexers  (DWDM)  and  optical  cross¬ 
connects  it  replaces.  The  demonstration 
will  show  how  Luxcore’s  router  can  sup¬ 
port  multiple  wavelengths  over  a  single 
fiber  by  eliminating  four  optical-to-electri- 
cal  conversions  common  in  transport  and 
switching  equipment,  and  two  conver¬ 
sions  found  in  equipment  slated  for 
deployment  in  the  second  half  of  this  year. 

“It’s  cheaper  to  go  third  generation 
right  off  the  bat,”  says  John  Boyd,  vice  pres¬ 
ident  of  sales  and  marketing  for  Luxcore, 
referring  to  the  company’s  OXR  router. 
Today’s  four-conversion  equipment,  based 
on  electrical  switching,  is  first  generation 
while  the  two-conversion  gear,  based  on 
micro-electro-mechanical  system  (MEMS) 
switching,  is  second  generation,  he  says. 

The  OXR  has  a  tunable  wavelength  con¬ 
verter  and  a  MEMS  switching  fabric.  First- 
and  second-generation  gear  support  “stat¬ 
ic”  wavelength  converters  requiring  opti- 
cal-to-electrical  conversions,  Luxcore  says. 

The  OFC  demo  will  show  two  OXRs  in 


a  point-to-point  configuration  with  two 
endpoint  transmission  systems  connected 
to  them.  This  configuration  represents  a 
four-city  network  with  the  capability  of 
supporting  1 ,000  terabits,  or  1  petabit,  of 
bandwidth,  Boyd  says. 

Luxcore  will  ship  the  OXR  in  Decem¬ 
ber,  Boyd  says.  He  would  not  disclose 
details  on  the  router’s  architecture  or  con¬ 
figurations,  nor  would  he  identify'  service 
provider  beta  testers. 

Analysts  say  the  OXR  is  a  wavelength 
router,  similar  to  products  Corvis  offers  or 
plans  to  offer,  rather  than  a  device  that  per¬ 
forms  Layer  3  packet  processing  optically 
—  the  kind  of  photonic  router  that’s  not 
expected  for  many  years,  if  ever. 

“They’re  taking  DWDM  signals  and 
doing  a  wavelength  cross-connect  func¬ 
tion,  or  an  optical  switch  function,  and 
keeping  the  signal  all-optical,”  says  Dave 
Kroizer,  senior  analyst  at  RHK.  “So  they’re 
doing  Layer  3  processing  of  control  infor¬ 
mation,  but  not  doing  any  Layer  3  packet 
processing  of  the  data  channels.”  □ 


Network  World  March  5,  200  1  www.nwfusion.com  31 


“UJe’ue  been  protected  so  far.” 


Build  security.  Build  trust.  Build  business. 


Attend  “The  Changing  Face  of  Information  Security” 


To  build  your  business,  trust  is  absolutely  essential — the  trust  of 
employees,  customers,  vendors,  and  investors.  And  to  earn  and 
maintain  that  trust,  you  must  have  the  right  information  security 

measures  in  place. 

Join  your  colleagues  at  “The  Changing  Face  of  Information  Security,” 
produced  by  Network  World  and  led  by  renowned  information  security 

expert  Michel  E.  Kabay,  Ph.D.,  CISSP  of 
AtomicTangerine,  Inc.  Learn  howto  protect 
your  company’s  most  valuable  assets  at  this 
educational  one-day  event. 

BONUS:  Register  by  4/30/01  and  receive  a  copy  of 
Michel  E.  Kabay’s  award-winning  whitepaper*, 
Developing  and  Implementing  INFOSEC  Policies. 

“Winner  of  an  Outstanding  Paper  award  at  the  16th  National  Computer  Security  Conference. 


atomic  tangerine 
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Toronto,  ON 
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TECH  UPDATE 


Get  to  the  meet  of  the  matter 


Topics  include: 

■  Keeping  systems  secure  in  the  face  of  evolving  vulnerabilities 


Protecting  your  Web  site,  e-commerce  transactions,  e-mail, 
databases,  and  other  information  assets 


Effectively  communicating  the  mission  critical  and  value- 
added  benefits  of  information  security  to  corporate 
management 


And  more! 


Register  Today! 

www.networkworld.com/seminars/security 
or  call  800-643-4668 
Seminar  Fee:  $110  (U.S.) 

Event  Partner 

Top 
layer 


^  Symantec 
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Premium  sponsorship  opportunities  are  still  available  for  this  event.  Please  contact  Robin  Azar  at  (508)  490-6570  or  razar@nww.com  for  more  details. 


Original  ceilings. 
Original  moldings. 
Original  wiring? 


Simpler  Networking,  anyone? 


Gp'C 

3Com- 


3Com  Wireless  Networking 

Found  a  great,  classic  space  that’s  off-limits  to  technology?  It’s  a  perfect  time  to 
discover  3Com’s  whole  new  line  of  wireless  network  products.  A  new  approach 
to  how  any  business  can  instantly  create  a  fast-moving  network  out  of  thin  air 
And  exploit  the  Internet  to  its  fullest.  (And  bring  the  1 8th  century  to  the  21  st.) 
Just  talk  to  your  3Com  reseller  or  click  3Com.com.  Home.  Office.  Beyond 


Simple  sets  you  free 


Special  Advertising  Supplement 


WIRELESS  INDUSTRY  LEADERSHIP.  3Com  is  a 
founding  member  of  WECA  (Wireless  Ethernet 
Compatibility  Alliance)  and  WLANA  (Wireless  LAN 
Association).  3Com  is  also  one  of  nine  promoters  of 
the  Bluetooth  Special  Interest  Group,  whose  aim  it 
is  to  greatly  simplify  the  process  of  connecting  all 
sorts  of  mobile  electronic  devices.  This  business- 
critical  Bluetooth  technology  will  not  only  be  able 
to  carry  high-quality  voice,  but  will  also  support  data 
transmission  between  mobile  devices.  And  3Com 
is  prominent  in  wireless  LAN  and  networking 
standards. 


RICH  MANAGEMENT  FEATURES.  For3Com’s 
AirConnect®  wireless  LAN  solution,  these  features 
include  the  ability  for  employees  to  have  very  high¬ 
speed  network  access  with  far  greater  freedom  of 
movement  in  their  increasingly  mobile  world. 
AirConnect’s  unique  PowerBASE-T  module  provides 
power  to  access  points  via  the  Ethernet  cable  con¬ 
necting  them  to  the  network,  and  this  eliminates  the 
usual  costly  process  of  running  electricity  to  each 
location.  Meanwhile,  AirConnect’s  Site  Survey  Utility 
is  designed  from  the  ground-up  to  help  IT  profession¬ 
als  with  the  often-complex  task  of  properly  placing 


The  Top  Reasons  Why  3Com  Should  Be 
R  Major  Port  Of  Vour  Wireless  Solutions 


HIGHLY  STANDARDS-BASED.  All  3Com  Wireless  LANs 
support  the  IEEE  802.11b  standard,  which  is  destined 
to  become  the  standard  of  choice  for  wireless  net¬ 
working.  This  IEEE  standard  supports  wireless  trans¬ 
mission  rates  up  to  11  MB/sec,  holding  out  the  prom¬ 
ise  of  new  and  exciting  wireless  LAN  applications 
requiring  high  performance,  high  throughput  and 
maximum  availability.  3Com  products  are  also  Wi¬ 
Fi™  (Wireless  Fidelity)  certified,  ensuring  multiven¬ 
dor  interoperability.  This  certified  interoperability  is 
key  to  advancing  the  adoption  of  wireless  LANs  into 
the  corporate,  small  business,  home  and  public 
access  markets.  Further,  interoperability  helps  safe¬ 
guard  the  wireless  investments  you’ve  already  made 
and  will  make  in  the  future. 

PC  CARD  LEADERSHIP.  When  most  people  think  of 
network  interface  cards  or  NICs,  they  immediately 
think  of  3Com,  with  good  reason.  3Com’s  NICs  are 
industry  leading  in  several  areas,  being  the  world’s 
market  leader  in  10/100  MB/sec  Ethernet  access 
solutions.  3Com’s  EtherLink®  NICs  deliver  maximum 
reliable  connections  over  twisted  pair,  coaxial  or 
fiber-optic  lines.  By  leveraging  its  leadership  in 
mobile  connectivity,  3Com  is  perfectly  positioned  for 
wireless  PC  cards  with  the  cordless  PC  market  seg¬ 
ment  as  well. 


access  points  to  achieve  desired  coverage  and  per¬ 
formance.  The  Mobile  Connection  Manager  creates 
profiles  for  users  to  facilitate  their  roaming. 

RADICAL  SIMPLICITY.  3Com’s  Home  Wireless 
Gateway  is  literally  plug-and-play,  with  no  software 
or  drivers  needed.  Easily  configurable  through  any 
standard  Web  browser,  this  gateway  allows  users  to 
share  high-speed  Internet  access,  personal  files  and 
resources  either  wirelessly  or  over  Ethernet  wires. 
Support  for  dynamic  host  configuration  protocol 
(DHCP)  enables  a  server  to  automatically  assign  an 
IP  address  to  an  individual  computer’s  TCP/IP  stack 
software,  greatly  automating  the  configuration 
process. 

FULL  FEATURED.  Our  Home  Wireless 
Gateway  is  the  only  all-in-one  wired  and 
wireless  solution.  It  operates  at  wireless 
speeds  that  rival  many  office  networks 
while  also  offering  three  10/100  fast  Ethernet  ports 
for  higher  data  activities.  A  built-in  firewall  and  40- 
bit  encryption  protect  your  data.  Support  for  virtual 
private  networking  (VPN)  ensures  simple  access  to 
the  corporate  network,  while  Wi-Fi™  certification 
guarantees  compatibility  with  other  wireless  net¬ 
working  products. 


3com 


Enterprise 


IBM  announced  last  week  it 
has  integrated  the  IBM  Content 
Manager,  a  repository  for  storing 
and  managing  text  and  multimedia 
documents,  into  Siebel  Systems' 
Call  Center  suite  to  make  it  easier 
for  service  representatives  to  get 
customer  history  data.  The  idea  is 
to  create  a  repository  for  manag¬ 
ing  text  and  multimedia  docu¬ 
ments  by  service  and  sales 
agents.  IBM  Content  Manager, 
which  runs  on  Windows  NT,  AIX, 
AS/400  and  System  390,  costs 
$15,000. 

IBM:  www.ibm.com 


Edify  has  announced  Edify 
Enterprise,  a  customer  relation¬ 
ship  management  product  suite 
that  combines  Edify 's  traditional 
voice-based  sales  and  workflow 
features  with  browser-based 
e-mail,  chat  and  speech  recogni¬ 
tion.  Enterprise  will  let  companies 
set  up  a  single  queue  for  cus¬ 
tomer  representatives  to  respond 
to  inquiries  via  phone  on  the  Web, 
or  automate  responses  through 
linguistic  processing  of  incoming 
mail.  The  program  has  software 
adapters  to  work  with  CRM  prod¬ 
ucts  from  Siebel  Systems  and  oth¬ 
ers,  and  costs  $2  million  and  up. 

Edify:  www.edify.com. 


Sun  Microsystems  last  week 
announced  the  release  of  the 
beta-test  version  of  Connector 
Architecture  for  its  Java  2  Plat¬ 
form,  Enterprise  Edition  (J2EE). 

The  J2EE  Connector  Architecture 
is  designed  to  provide  a  plug-and- 
play  architecture  between  back¬ 
end  applications,  such  as  cus¬ 
tomer  resource  management,  and 
J2EE-compatible  application  ser¬ 
vers,  Sun  says.  Application  ser¬ 
vers  supporting  the  J2EE  Connec¬ 
tor  Architecture  will  be  able  to  use 
an  architecture-based  resource 
adapter  for  an  enterprise  system 
or  legacy  database,  simplifying  the 
integration  between  the  two. 

Sun:  www.sun.com 


Flypaper  offers  collaboration  service 


Helping  users  stick  together 


Flypaper's  open  platform  lets  users  easily  assemble  a  customized  portal  with  a  variety 
of  collaboration  tools,  including: 


•  Document  vaults. 

Create  proposals  and 
contracts,  and  share  those 
between  groups. 

•  Web  conferencing. 

Schedule  and  conduct  real¬ 
time  meetings. 

•  Discussion  groups. 

Connect  users  via  the  Web 
24  hours  a  day;  7  days  a  week. 

•  News.  Integrated  content 
feeds  for  all  kinds  of  news 
and  information. 

•  Group  calendars. 

Coordinate  schedules. 
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BY  JENNIFER  MEARS 

Start-up  Flypaper  will  this  week 
unveil  a  hosted  service  that  it  says 
will  help  customers  quickly  and 
easily  collaborate  online. 

Flypaper’s  platform  uses  a  browser- 
based  authoring  technology  that  lets 
users  design  a  custom  portal  into  the 
collaboration  features  they  choose, 
ranging  from  online  calendars  to  dis¬ 
cussion  groups  and  issue  trackers.  Fly¬ 
paper  has  more  than  70  collaboration 
features. 

“What  we’re  doing  is  providing  col¬ 
laborative  tools  that  bolt  on  to  existing 
e-commerce  systems  and  help  com¬ 
panies  accelerate  the  interaction 
between  the  vendor  and  the  buyer,” 
says  Andy  Leak,  Flypaper’s  founder 
and  CEO. 

What’s  interesting  about  Flypaper, 
says  Bob  Zurek,  senior  analyst  with  the 
research  firm  Forrester,  is  “the  way  the 
collaborative  portal  can  be  created,  so 
it  doesn’t  take  an  IT  person  to  assem¬ 


ble.  ...  All  the  components  that  they 
have  can  be  quickly  put  together  in  the 
environment.” 

Flypaper  has  85  customers,  including 


Texaco  and  Compaq.  ISVOR,  the  human 
resources  and  training  subsidiary  of 
Fiat,  plans  to  use  Flypaper  for  its  joint 
See  Flypaper.  page  34 


Trusted  Systems  suite  controls  network  access 


Company  rolls  out  tools  designed  to  ease  administration  of  access  control  lists  in  Windows  2000. 


BY  JOHN  FONTANA 

URBANA,  ILL  —  Trusted  Systems  Ser¬ 
vices  is  trying  to  take  the  edge  off  man¬ 
aging  access  control  lists  in  Windows 
2000  with  the  latest  edition  of  its  man¬ 
agement  tool. 

With  SuperCACLS  3.0,  a  suite  of  four 
command-line  utilities,  users  can  manage 
ACLs  on  registry  keys  as  well  as  files  and 
directories. 

ACLs  are  a  foundation  of  Windows 
security.  They  control  access  rights  to 
everything  on  the  operating  system. 
ACLs  are  made  up  of  units  of  security 
information  called  access  control 
entries  that  have  three  parts:  user  iden¬ 
tification,  a  list  of  rights,  and  an  indica¬ 
tor  of  whether  a  right  is  granted  or 
denied. 

Managing  ACLs  is  necessary  for  main¬ 
taining  security  on  system  resources  but 
sometimes  is  an  evil  task.  Win  2000 
offers  a  graphical  user  interface  (GUI) 
tool  for  managing  ACLs,  but  it  doesn’t 
offer  the  fine-tuned  controls  of  Super¬ 


CACLS,  Trusted  Systems  says.  Also,  two 
command-line  utilities  in  the  Win  2000 
Resource  Kit  don’t  have  the  features 
found  in  the  Trusted  Systems  tools. 

“The  SuperCACLS  tools  are  small,  fast 
and  powerful,”  says  Glenn  Baker,  vice 
president  of  Maddux  Baker  Associates,  a 
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CONTROLLING 

ACCESS 

For  a  more  focused  look  at 
the  security  aspects  of  Windows 
2000,  read  a  Microsoft  TechNet 
collection  of  more  than  a  dozen  white 
papers  and  security  primers,  and 
download  a  reference  manual  about 
TrustedSystems  SuperCACLS. 


systems  integrator  in  Freemont,  Calif. 
“There  is  not  a  lot  of  extra  stuff,  they  just 
do  what  I  want.  With  the  Windows  2000 
GUI  interface,  it  takes  a  lot  more  time 
and  a  lot  more  clicks.” 

For  example,  Baker  says  SuperCACLS 
lets  him  run  one  command  to  change  an 
entire  batch  of  ACLs.  He  also  says  he  has 
more  fine-tuned  controls,  such  as  a 
“privilege  override,"  which  lets  him  take 
ownership  of  ACLs  and  then  return 
them  to  their  original  owner.  That 
process  is  impossible  with  native  NT 
and  Win  2000  tools. 

SuperCACLS  consists  of  four  utilities: 
PRACL,  for  listing  all  current  ACLs  or  cre¬ 
ating  a  batch  file  that  can  be  used  as  a 
backup;  REACL,  for  replacing  ACLs  indi¬ 
vidually  or  throughout  an  entire  direc¬ 
tory  or  Registry  tree;  MODACL,  for  modi¬ 
fying,  removing  or  adding  individual 
ACLs  while  leaving  others  intact;  and 
TAKEOWN,  which  lets  administrators 
take  ownership  of  ACLs. 

It  also  has  features  such  as  preview, 
See  Trusted  Systems,  page  34 
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Enterprise  Applications 


'Net  Insider .  Scott  Bradner 

At  least  they  are  consistent 


s  a  general  rule,  I  don’t  like 
airports.This  is  a  shame,  since 
I  spend  so  much  time  in  them. 

Now  I  have  yet  another  reason  to 
dislike  them,  or  at  least  the  people 
who  manage  them.  It  seems  that  some 
airports  are  trying  to  muscle  their  way 
into  position  to  overcharge  for  wire¬ 
less  Internet  access. 

The  basic  reason  I  don’t  like  most 
airports  is  that  they  were  not  designed 
for  people  to  use  them.  Instead  they 
seem  to  have  been  designed  so  that 
they  are  nice  to  airplanes.  Atlanta’s  air¬ 
port,  which  I  had  the  misfortune  to 
use  recently,  is  a  perfect  example.  It 
seemed  like  the  designers  of  the  air¬ 
port  never  actually  used  airports.  If 
they  did,  they  wouldn’t  have  made 
miles  of  hallways  without  providing 


moving  walkways  to  help  people  get 
around. 

Atlanta’s  airport  is  not  as  bad  as 
many.  At  least  it  has  some  semireason- 
able  food,  even  if  the  food  is  not  well 
distributed  in  the  terminals.  I’ve  been 
in  a  number  of  airports  where  there 
seems  to  be  a  conscious  effort  to 
ensure  that  the  food  quality  is  low 
enough  that  the  food  you  are  offered 
on  the  plane  will  come  as  a  relief.  Most 
airports  also  try  to  ensure  the  food 
stalls  (it  is  rare  that  any  of  them  might 
rise  to  a  level  where  they  might  be 
called  restaurants)  price  their  goods  at 
least  twice  as  high  as  one  would  find 
in  the  rest  of  the  world.  Five-dollar  hot 
dogs  and  $3  Cokes  are  altogether  too 
common,  as  are  $7  charges  for 
3-minute  pay  phone  calls.  It  turns  out 


that  airports  make  a  lot  of  money  off 
of  their  pay  phones. 

Money  they  make  by  ripping  off 
travelers.  But  this  revenue  stream  is 
now  under  threat.  Too  many  travelers 
are  using  cell  phones  and  bypassing 
the  pay  phones. 

(As  an  aside,  it’s  not  just  the  fly-by- 
night  phone  companies  that  partici¬ 
pate  in  this  rip-off  —  the  February 
issue  of  Consumer  Reports  says  that 
one  of  the  worst  offenders  is  AT&T.) 

According  to  press  reports,  the  air¬ 
ports  are  fighting  back  by  restricting 
cell  phone  companies  from  installing 
their  antennas  in  airport  buildings. 
One  airport  claims  it  is  doing  so  out 
of  concern  over  interference  with  air 
traffic  control  and  security  systems, 
but  that  rationale  is  suspiciously  self¬ 


serving.  So  that  crappy  connection 
you  get  in  the  airport  may  not  be  ran¬ 
dom  chance. 

Many  of  those  airports  are  restrict¬ 
ing  companies  that  want  to  install 
wireless  LANs.  At  least  one  admitted 
that  such  networks  would  get 
deployed  as  soon  as  the  airport  figured 
out  how  to  make  money  from  them.  As 
a  wireless  LAN  user,  this  is  a  pain,  but  I 
guess  the  airports  have  to  uphold  their 
well-deserved  reputations. 

Disclaimer:  Harvard  is  reputation- 
heavy,  but  does  not  fly.  So  the  above 
is  my  lament. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 


Talisma  helps  track  e-comm  customers 


BY  ELLEN  MESSMER 

KIRKLAND,  WASH.  —  Tal¬ 
isma  this  week  will  announce 
an  updated  version  of  its  cus¬ 
tomer-relationship  manage¬ 
ment  suite  that  will  help 
e-commerce  ventures  keep 
track  of  what  customers  are 
doing  and  help  them  when 
needed. 

The  Talisma  eCRM  Suite, 
which  uses  the  Microsoft  SQL 
database  to  create  a  customer 
interaction  profile,  can  be  used 
by  a  call  center  representative 
or  sales  agent  with  a  Web 
browser  to  find  a  summary  of 
customer  interaction  on  the 
Web,  e-mail  or  by  phone,  as  well 
as  purchase  history.  With  a  pro¬ 
prietary  data-mining  tool  now 
integrated  into  eCRM  Suite, Tal¬ 
isma  users  can  execute  more 
complex  applications,  such  as 
determining  marketing  cam¬ 
paigns  based  on  customer  buy¬ 
ing  and  contact  patterns. 

“Were  adding  salesforce 
automation,  workflow  for  mar¬ 
keting  campaigns  and  the  ana¬ 
lytics  to  what  are  now  17  sepa¬ 
rate  applications  that  are  part 
of  the  eCRM  suite,”  says  Mike 
McClure,  vice  president  of  mar¬ 
keting  at  Talisma.  According  to 
McClure,  pricing  for  the  prod¬ 
uct  varies  according  to  installa¬ 
tion,  but  typically  ends  up  cost¬ 


ing  a  “few  thousand  per  user” 
under  a  perpetual  license  if  the 
software  is  deployed  on  a  cor¬ 
porate  intranet,  or  a  few  hun¬ 
dred  dollars  per  month  per 
user  as  a  hosted  application. 

Talisma  s  eCRM  is  available 
now  and  includes  a  variety  of 
software  connectors  to  accept 
data  from  other  applications 
from  Remedy,  BroadVision  and 
Vignette,  to  name  a  few,  so  the 
eCRM  data-mining  capability 
could  also  be  used  to  extract 
e-commerce  reports  from 
these  vendor  e-commerce 
applications. 

Talisma  eCRM  can  provide  a 
variety  of  Web-based  interac¬ 
tions  with  customers,  includ¬ 
ing  chat  and  collaborative 
browsing.  But  Lowe’s  Compa¬ 
nies,  a  large  retail  store  chain, 
uses  Talisma  mainly  to  keep  up 
with  the  3,000  to  5,000  e-mail 
messages  it  gets  from  cus¬ 
tomers  each  week. 

Lowe  ’s  uses  Talisma  in-house 
at  its  Wilkesboro,  N.C.,  cus¬ 
tomer  care  center  to  receive 
incoming  e-mail  and  direct  it  to 
appropriate  representatives 
there  or  redirect  it  over  a  VPN- 
based  frame  relay  network  to 
any  of  three  outsourced  call 
centers  Lowe’s  uses  around 
the  country.  Outsourcing  call 
centers  is  a  common  practice 
among  large  retailers. 


According  to  Lowe’s  director 
of  customer  care,  Lenzy  King, 
Talisma  has  “a  sophisticated 
rules  engine”  to  determine  the 
nature  of  each  e-mail  “so  we 
don’t  have  to  pay  all  these  peo¬ 
ple  to  read  each  one.” 

“We  use  some  autoresponse 
and  canned  responses,  but  we 
basically  give  the  more  routine 
e-mail  to  the  outsourced  call 
centers  and  keep  the  special 
mail  requiring  detailed 
response  in-house,”  King  says. 
Corporate  policy  is  to  respond 
to  all  e-mail  within  5  hours. 

Lowe’s  will  deploy  the  new 
version  of  Talisma  eCRM  and 
plans  to  tests  its  sales  automa¬ 
tion  features,  but  Talisma  is  not 
the  only  eCRM  software 
Lowe’s  uses. 

“For  our  chat  tool,  we  don’t 
use  Talisma,  we  use  Facetime 
Communications,”  King  says. 
“That’s  because  it  has  unique 
access  to  the  AOL  and  Yahoo 
instant  messaging  networks, 
which  are  used  a  lot  by  our 
customers.” 

Talisma:  www.talisma.com 


E-commerce 
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free  newsletter. 
DocFinder:  5434 


Flypaper, 

continued  from  page  33 

venture  with  the  Dilts  Strat¬ 
egy  Group  to  provide  human 
resources  services  to  three 
Fiat  subsidiaries  in  the  U.S. 

John  Dilts,  CEO  of  the  joint 
venture,  says  his  team  is  using 
Flypaper  because  of  its  flexi¬ 
bility  and  its  ability  to  scale 
quickly.  He  says  the  venture 
foresees  rolling  out  Webcasts 
and  video-on-demand  learn¬ 
ing  tools  to  tens  of  thousands 
of  users. 

“When  we  compare  what  it 
would  cost  to  build  this  kind 
of  collaboration  site  from 
scratch  it  would  be  exponen¬ 
tially  more  expensive,”  Dilts 
says. “We  don’t  know  ultimate¬ 
ly  the  number  of  users  we’re 
going  to  have,  and  so  we 
wanted  to  start  out  small  but 
have  the  ability  to  scale.” 

In  addition,  Flypaper  can 
integrate  with  technology 
the  joint  venture  already  has, 
Dilts  says.  The  Flypaper  plat¬ 
form  is  wrapped  by  an  appli¬ 
cation  program  interface  and 
uses  an  XML  interface  or 
extensible  components  to 
allow  swift  integration,  Leak 
says. 

While  “what  you  see  is 
what  you  get”  technologies 
let  businesses  get  collabora¬ 
tion  environments  up  and 
running  within  minutes,  they 
don’t  support  brand  cus¬ 
tomization  or  integration 
with  legacy  applications. 


“Were  providing  that  same 
speed,  get-up-and-running-in- 
minutes  approach,  with  the 
ability  to  totally  customize 
and  integrate  with  your  legacy 
applications,”  Leak  says. 

Flypaper’s  platform  is  hosted 
on  Linux-based  servers  at  an 
Exodus  data  center.  Costs  start 
at  $12  per  licensed  user  per 
month,  the  company  says. 

Flypaper:  www.flypaper. 
com 


Trusted  Systems, 

continued  from  page  33 

which  lets  users  see  the 
effects  of  their  changes 
before  they  are  actually 
applied. The  software  also  has 
a  full-privilege  mode  that 
ensures  administrators  are 
not  locked  out  of  any  ACLs 
based  on  end  users’  rights. 

“You  can  use  SuperCACLS  to 
set  up  your  system  and  auto¬ 
mate  tasks  that  can  be  awk¬ 
ward  or  cause  trouble  later,” 
says  Steve  Sutton,  president  of 
Trusted  Systems. 

SuperCACLS  installs  on  a 
single  workstation  and  can 
manage  ACLs  remotely  with¬ 
out  having  to  install  addi¬ 
tional  software  on  other 
machines. 

The  software  is  currently 
available  and  pricing  starts  at 
$250  for  three  servers  and  10 
workstations. 

Trusted  Systems:  www. 
trustedsystems.com 
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1 1  exchanged  time 
with  my  network 
for  time  with  my 
customers.” 


Nigel  Panter 
Routed  IP  Director 
Band-X  Corporation 


When  Nigel  Panter  set  up  Band-X' s  trading  floor  for 


routed  IP  bandwidth,  he  knew  their  network  management 


solution  had  to  be  just  as  dynamic  as  the  service  they  provide.  Nigel 


found  that  RiverSoft  offered  the  flexibility  he  needed.  Even  in  businesses 


like  Band-X' s  exchange  where  configurations  change  many  times  daily, 


RiverSoft  solutions  are  designed  to  detect  those  changes,  keeping  the  network 


map  accurate  and  up-to-date.  RiverSoft  solutions  also  diagnose  the  root 


cause  of  network  problems  automatically,  so  the  operations  team  can  spend 


less  time  on  network  administration  and  more  time  looking  at  what  really 


counts:  customer  service.  That's  an  exchange  Nigel  can  definitely 


live  with.  To  learn  more  about  how  RiverSoft  can  help  you 


keep  pace  with  change  in  the  dynamic,  customer-focused 


world  of  IP  networks,  visit  www.riversoft.com 
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□  UR  CUSTOMERS  ARE  CHANGING  THE  WORLD. 

We  give  them  the  network  technology  to  do  it 
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,t*verv  major  industry:  Internet  services,  manufacturing,  education,  entertainment,  aerospace 

insurance,  anti  finance,  among  others. They Ve  changing  the  wav  people  work,  entertain,  and 
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think  by  changing  the  way  we  all  communicate —with  Foundry  products.  Foundry  delivers 

S  end-to-end  switching  and  routing  solutions  for  extremely  high-performance  Gigabit  Ether- 

net  or  web  switching.  Then  we  follow  through  with  24/7  support.  Want  to  change  the  world: 

Start  with  vour  network.  Visit  Foundry  today  at  www.foundrynet.eoni/partiierslron.html 
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Ask 

Dr  Intranet 


By  Steve 
Blass 


We  run 
Dynamic  Host 
Configuration 
Protocol  &  DNS 
servers  on  Windows 
2000  Server  without 
Active  Directory. 
How  do  you  send  the  Domain 
Suffix  Search  Order  to  DHCP 
clients  running  Windows  98 
and  Win  2000  Professional? 


There  is  no  built-in  option 
for  passing  the  Domain  Suffix 
Search  Order  to  DHCP  clients 
running  98  and  Win  2000  Pro¬ 
fessional.  You  can  change  the 
domain  suffix  search  order 
settings  through  the  Ad¬ 
vanced  tab  in  TCP/IP  proper¬ 
ties  under  Win  2000  Profes¬ 
sional  and  through  the  TCP/IP 
properties  button  in  98.  Right- 
click  My  Network  Places  on 
the  desktop  and  choose  Prop¬ 
erties  or  Network  and  Dial-up 
connections  (or  Network 
under  98)  in  the  control  panel 
and  click  down  into  TCP/IP 
properties,  where  you  can 
enter  the  desired  domain  suf¬ 
fix  search  order. 

I've  seen  this  issue  handled 
three  ways  in  the  field:  use 
fully  qualified  domain  names 
in  your  intranet  Web  links;  dis¬ 
tribute  instructions  for  config¬ 
uration  to  all  employees;  or 
automate  the  configuration. 

To  automate,  set  the  Win 
2000  registry  key  HKLM\Sys 
tem\Current  Control  Set\Ser 
vices\Parameters\Tcplp\Search 
List  or  the  98  key  HKLM\Sys 
tem\Current  Control  Set\Ser 
vices\VxD\MSTCP\SearchList. 
One  approach  is  to  distribute 
a  clickable  registry  script  via 
e-mail. 


Blass,  a  network  archi¬ 
tect  at  change@work  in 
Houston,  can  be  reached 
at  dr.intranet@changeat 
work.com. 


802.1  Q  VLANs  for  better  bandwidth 


BY  DAVID  GREEN 

The  IEEE’s  802. IQ  standard  was 
developed  to  address  the  prob¬ 
lem  of  how  to  break  large  net¬ 
works  into  smaller  parts  so  broadcast  and 
multicast  traffic  wouldn’t  grab  more  band¬ 
width  than  necessary.  The  standard  also 
helps  provide  a  higher  level  of  security 
between  segments  of  internal  networks. 

The  802. IQ  specification  establishes  a 
standard  method  for  inserting  virtual 
LAN  (VLAN)  membership  information 
into  Ethernet  frames. 

In  a  IAN,  datalink-layer  broadcast  and 
multicast  traffic  is  delivered  to  all  endsta- 


housing  sensitive  data  should  be  placed  in 
a  IAN  separate  from  the  average  user,  with 
router  filters  controlling  access.These  fac¬ 
tors  make  it  critical  for  network  adminis¬ 
trators  to  control  IAN  boundaries. 

A  VLAN  is  an  administratively  config¬ 
ured  LAN  or  broadcast  domain.  Instead  of 
going  to  the  wiring  closet  to  move  a  cable 
to  a  different  LAN,  network  administrators 
can  accomplish  this  task  remotely  by  con¬ 
figuring  a  port  on  an  802.1Q-compliant 
switch  to  belong  to  a  different  VLAN.  The 
ability  to  move  endstations  to  different 
broadcast  domains  by  setting  member¬ 
ship  profiles  for  each  port  on  centrally 
managed  switches  is  one  of  the  main 


ports  can  be  configured  to  transmit 
tagged  or  untagged  frames.  A  tag  field 
containing  VLAN  (and/or  802.  Ip  prior¬ 
ity)  information  can  be  inserted  into  an 
Ethernet  frame.  If  a  port  has  an  802. 1Q- 
compliant  device  attached  (such  as 
another  switch),  these  tagged  frames  can 
carry  VLAN  membership  information 
between  switches,  thus  letting  a  VLAN 
span  multiple  switches. 

There  is  one  important  caveat:  Net¬ 
work  administrators  must  ensure  ports 
with  non-802.1Q-compliant  devices 
attached  are  configured  to  transmit 
untagged  frames.  Many  network  interface 
cards  for  PCs  and  printers  are  not  802. IQ- 


HOW  IT  WORKS 


802.1QVLANs 


By  configuring  switches  to  Port  21/  Port  1/ 

transmit  802.1  Q  tagged  Ethernet  VLAN  10  VLAN  10 

frames,  network  administrators  untagged  tagged 


Port  24/  Port  4/ 

VLAN  10  VLAN  10 

tagged  untagged 


can  create  virtual  LANs  that  save 
bandwidth  and  improve  security. 


-J 


Printer 
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Switch  A 
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Switch  B 
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PC 


0ln  this  scenario,  the  printer  is  not 
802.1  Q-compliant.  The  printer  sends 
a  broadcast  frame-to  Switch  A, 
announcing  it  is  ready  to  print. 


Q  Switch  A  is  configured  to  accept 
untagged  frames  from  the  printer. 
Switch  A  recognizes  that  the  printer 
is  on  VLAN  1 0  and  sends  an  802.1  Q 
tagged  message  to  Switch  B  ports 
that  are  members  of  VLAN  10. 


Q  Switch  B  forwards  the  frame  to  all 
VLAN  10  ports.  In  this  scenario, 
the  PC  has  a  non-802.1  Q-compliant 
NIC,  so  the  tags  are  removed  from 
the  frames,  then  sent  to  the  PC. 


O  The  PC  receives  the  untagged 
broadcast  frame  and  can  then 
request  services  from  the  printer 
by  sending  a  frame  across  the 
network. 


tions,  but  this  traffic  cannot  go  beyond  the 
LAN  boundary.  In  the  past,  shared  cabling 
or  hubs  were  the  boundaries  for  LANs. 

Because  network  protocols  typically 
rely  on  broadcast  queries  to  let  end- 
stations  discover  one  another,  devices  on 
two  LANs  cannot  “see”  each  other  with¬ 
out  the  help  of  a  network-layer  device 
with  ports  in  both  LANs,  such  as  a  router. 

The  fact  that  broadcasts  are  distributed 
to  all  devices  in  a  LAN  means  LANs  cannot 
become  very  large.  If  they  do,  devices 
become  overburdened  with  broadcast 
traffic.  The  ability  of  devices  in  a  LAN  to 
discover  each  other  also  means  servers 

Got  great  ideas? 

Network  World  is  looking  for  great  ideas 
for  future  Tech  Updates.  If  you've  got  one, 
and  want  to  contribute  it  to  a  future  issue, 
contact  Features  Editor  Neal  Weinberg 
(nweinberg@nww.com). 


advantages  of  802.  IQ  VLANs. 

The  switch  acts  as  an  intelligent  traffic 
forwarder  and  a  simple  network  security 
device.  Frames  get  sent  only  to  the  ports 
where  the  destination  device  is  attached. 
Broadcast  and  multicast  frames  are  con¬ 
strained  by  VLAN  boundaries  so  only  sta¬ 
tions  whose  ports  are  members  of  the 
same  VLAN  see  those  frames.  This  way, 
bandwidth  is  optimized  and  network 
security  is  enhanced. 

802. IQ  VLANs  aren’t  limited  to  one 
switch.  VLANs  can  span  many  switches, 
even  across  WAN  links.  Sharing  VLANs 
between  switches  is  achieved  by  insert¬ 
ing  a  tag  with  a  VLAN  identifier  (VID) 
between  one  and  4,094  into  each  frame. 
A  VID  must  be  assigned  for  each  VLAN. 
By  assigning  the  same  VID  to  VLANs  on 
many  switches,  one  or  more  VLAN 
(broadcast  domain)  can  be  extended 
across  a  large  network. 

The  secret  to  performing  this  magic  is 
in  the  tags.  802.1Q-compliant  switch 


compliant.  If  they  receive  a  tagged  frame, 
they  will  not  understand  the  VLAN  tag 
and  will  drop  the  frame. 

Also,  the  maximum  legal  Ethernet 
frame  size  for  tagged  frames  was  in¬ 
creased  in  802. IQ  (and  its  companion, 
802. 3ac)  from  1,518  to  1,522  bytes.  This 
could  cause  network  interface  cards  and 
older  switches  to  drop  tagged  frames  as 
“oversized.” 

In  the  case  of  a  network  with  an  ATM 
WAN,  Ethernet  switches  with  ATM  uplinks 
can  have  a  VLAN-to-emulated-LAN  (ELAN) 
mapping  feature  that  matches  802. IQ 
VIDs  to  ATM  ELAN  names.  This  lets  the 
benefits  of  VLAN  bandwidth  optimiza¬ 
tion  and  security  be  extended  between 
campus  buildings  or  even  between 
remote  sites. 

Green  is  a  product  line  engineer  in 
the  Enterprise  Business  Systems  Group 
of  Marconi  Communications.  He  can  be 
reached  at  Dave.Green@marconi.com. 
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Gearhead  .  inside  the  network  machine  .  Mark  Gibbs 


Boldly  going  to  records 


his  week  well  begin  to  discuss  the 
■  records  that  DNS  servers  use  to 
describe  their  view  of  the  name  space 
they  are  responsible  for,  and  we’ll  dis¬ 


cuss  what  is  common  to  most  servers 
based  on  the  Berkeley  Internet  Name 
Domain  (BIND)  system,  the  original 
implementation  of  DNS. 


g  y  Update 


The  data  that  describes  what  a  DNS 
server  knows  about  are  called  “resource 
records,”  and  the  records  are  stored  in 
“flat”  (sequential  access)  database  files. 
Each  record  must  start  in  Column  1 . 

In  BIND  implementations  there  are 
usually  two  database  files  for  each  IP  net¬ 
work  the  server  manages:  One  database 


Tie  ffte  circuit’  switched  world 
Into  the  IF  universe 


Choose  IPmux: 

Voice  and  Circuit  Extension  over  IP 


Data-voice  convergence  is  available  today  -  and  you  don’t  have 
to  pay  the  cost  or  face  the  complexity  of  VoIP’s  limited  class  of 
solutions.  Based  on  TDM  over  IP  technology,  RAD’s  IPmux™  family 
transparently  converts  T1  or  El  circuits  to  IP  packets  for  transmission 
over  IP  networks.  IPmux  offers  the  features,  functionality  and  superior 
voice  quality  of  traditional  leased  line  applications  with  the  savings 
and  simplicity  of  IP  networking. 

If  you  want  to  use  IP  or  Gigabit  Ethernet  networks  without 
compromising  on  voice  quality  or  throwing  away  your  investment 
in  circuit  switching  technology:  Choose  IPmux  -  your  solution 
for  the  IP  universe. 


Who  Should  Choose  IPmux? 

•  End  Users  and  Integrators  -  Easy  data-voice  convergence  over  IP 

•  Carriers  -  Expand  market  share,  extend  your  reach  with  circuit 
extension  over  IP 

•  PBX  Vendors  -  Low  cost  and  transparent  to  your  proprietary  signaling 

•  Gigabit  Ethernet  and  Terabit  Router  Vendors  -  Add  voice  services  to 
your  product  offering 

•  Wireless  LAN  Vendors-Fast,  inexpensive  voice  to  the  remote  building 

•  Voice  Resellers -Support  SS7,  PRI  and  other  signaling  protocols 
transparently  for  Toll  Bypass  applications 


Freedom  of  Choice 


;  ■  '  98  •  RAD.  Data  Communications  has  been  giving  carriers,  service  providers  and  corporate  networks 

1  .  i  v  need  to  gain  the  competitive  edge.  A  world  leader  in  internetworking  solutions,  RAD  offers 

i,  of  data  communications  and  telecommunications  tools.  RAD  provides  customers  with  an 
ur.i  ■■ .  ;  y  i oatibie  product  line  required  to  meet  today's  demands  and  tomorrow's  challenges. 
Make  your  choice  today.  Cal!  us  at  1-800-444-7234  or  visit  our  Web  site  at  www.rad.com 


data  communications 


www.rad.com 


file  maps  host  names  to  IP  addresses 
(“forward  mapping”),  and  the  other 
maps  IP  addresses  to  names  (“reverse 
mapping”). 

While  the  order  of  records  in  the  data¬ 
base  files  isn’t  important,  most  sys¬ 
admins  follow  the  sequence  below. 

The  first  record  in  the  forward  and 
reverse  mapping  database  files  is  usually 
the  start  of  authority,  or  SOA,  record, 
which  looks  like  this: 

redqueen.com.  IN  SOA 

alice.redqueen.com. 
admin.redqueen.com.  ( 

200103051053  ;  Serial 
86400  ;  1  day  refresh 

3600  ;  1  hour  retry 

604800  ;  1  week  expiration 

86400  )  ;  1  dayTTL 

The  first  line  declares  that  for  the 
zone  “redqueen.com”  the  machine 
“alice.redqueen.com”  is  the  authorita¬ 
tive  DNS  server.  The  IN,  for  Internet, 
declares  the  “class”  of  the  data  and,  if 
omitted,  is  normally  automatically 
assumed.  “Admin.redqueen.com”  is  the 
name  of  the  sysadmin  for  the  zone  — 
you  replace  the  first  period  with  an 
to  derive  the  correct  address.  (There’s 
also  a  record  type,  Responsible  Person 
or  RP,  that  can  also  be  used  to  define  the, 
well,  person  responsible  for  the  server 
—  we’ll  cover  this  later.)  Note  the  peri¬ 
ods  after  the  name  strings  —  that’s  the 
standard  for  terminating  name  strings. 

The  data  fields  between  the  parenthe¬ 
ses  (which  allow  the  data  to  be  split  over 
multiple  lines)  are  for  the  information  of 
slave  or  secondary  name  servers. 

The  serial  is  a  value  that  indicates  the 
version  of  the  zone  data  and  should  be 
incremented  whenever  it  is  updated. 
The  format  we’ve  used  here  is  YYYY- 
MMDDHHMM.  The  secondary  servers 
use  the  serial  to  determine  if  they  have 
the  latest  version  of  the  data  (they  check 
their  own  serial  against  that  of  the  pri¬ 
mary  server  and  refresh  if  their  value  is 
less).  The  refresh  value  (in  seconds) 
defines  how  frequently  the  secondary 
servers  need  to  check  back  with  the  pri¬ 
mary  for  updates. 

Retry  is  the  frequency  of  attempts  by 
the  secondary  to  check  with  the  pri¬ 
mary  after  a  failed  attempt.  If  the  retries 
aren’t  successful,  the  expiration  value 
defines  after  how  long  the  secondary 
stops  giving  out  data  because  it  cannot 
be  trusted  to  be  accurate. 

TTL,  or  Time  To  Live,  specifies  how 
long  the  resource  records  are  valid  and  is 
part  of  the  response  to  a  query.  If  a  pri¬ 
mary  or  secondary  DNS  server  in  the 
redqueen.com  zone  answers  a  query  for 
a  resolver  or  a  referral  from  another 
server,  the  TTL  defines  how  long  that 
response  is  valid  if  cached  by  the  enquir¬ 
er.  After  that,  the  query  should  be  reis¬ 
sued  by  the  resolver  or  referring  server. 

Darn,  another  week  of  DNS  and  we’ve 
run  out  of  space!  More  next  week. 


Your  records  to  gearhead@gibbs.com. 


Is  VoIP  a  good 


bet  for  the  enterprise? 


Voice  over  IP  offers  integration  and  cost  benefits,  but  there  are  areas  where  using  the  technology  doesn’t  make  sense. 


YES 


BY  LARRY  HETTICK 


NO 


BY  STEVE  TAYLOR 


Voice  over  IP  is  ready  for  prime  time  in  the  enterprise  network  for  three  rea¬ 
sons.  First,  voice  over  IP  helps  companies  begin  to  integrate  corporate  data  appli¬ 
cations  with  voice  applications.  Second,  voice  over  IP  can  bring  significant  sav¬ 
ings  on  international  calls. Third,  an  organization  doesn’t  have  to  “go  it  alone”  to 
make  the  transition  to  a  voice-over-IP  network. 

Voice  over  IP  enables  applications  that  are  not  available  from  today’s  pubic 
switched  telephone  network  (PSTN)  voice  switching  equipment.  Enterprise  call 
centers  can  use  voice  over  IP  to  voice-enable  Web  pages.  Using  voice-over-IP- 

enabled  browsers  and  a  “click-to-talk”  feature,  customers, 
road  warriors  and  telecommuters  can  connect  across 
Internet  and  intranet  connections.  Integrated  e-mail, 
voice  mail  storage  and  call  records  are  also  made  possi¬ 
ble  using  voice  over  IP.A  calling  party  can  leave  voice 
mail  that  is  stored  on  the  called  party’s  e-mail  system. 

The  called  party  can  retrieve  his  voice  mail  and  click  on 
the  text  message  to  return  the  call  or  leave  a  voice  mail 
reply. 

Voice  over  IP  can  save  the  enterprise  customer  big 
bucks  on  international  calls.  When  I  visited  Kuala 
Lumpur  recently,  a  call  from  Malaysia  to  the  U.S.  cost 
$1.10  per  minute  over  the  PSTN.  But  by  using  a  high-speed  Internet  connection 
in  my  hotel  room  at  a  flat  rate  of  $  18  per  day,  I  could  launch  a  voice-over-IP  call 
for  8  cents  per  minute  to  connect  to  the  U.S.  PSTN.  A  two-hour  voice-over-IP  call 
offered  a  $104.40  savings. 

Applications  that  launch  a  Web-initiated  call  can  also  create  savings  for  enter¬ 
prise  customers.  For  example,  by  downloading  NetSpeak’s  plug-in,  businesses  in 
China  can  let  customers  anywhere  in  the  world  contact  them  at  no  charge  using 
a  click-to-talk  feature. 

However,  from  a  cost-savings  standpoint,  implementing  voice  over  IP  for 
domestic  enterprise  calls  doesn’t  make  much  sense.  Domestic  PSTN  long-dis¬ 
tance  costs  3  cents  to  4  cents  per  minute;  domestic  voice-over-IP  calls  on  public 
voice-over-IP  networks  and  VPNs  cost  about  the  same. 

When  making  the  transition  to  voice  over  IP,  enterprise  telecommunications 
managers  have  many  architectural  choices,  and  wholesale  changes  in  existing 
equipment  are  not  needed. The  company  can  upgrade  from  traditional  PBX  con¬ 
figurations  with  existing  vendors  such  as  Nortel  Networks,  NEC  and  Avaya,  or 
install  a  next-generation  IP  PBX.  Premises-based  voice-over-IP  gateways  from 
incumbents  such  as  Lucent  and  Cisco  and  new 
entrants  like  Vpacket  and  Clarent  let  enterprise  cus¬ 
tomers  use  existing  equipment.  Or  companies  can  opt 
for  end-to-end  voice-over-IP  services,  such  as  those 
recently  announced  by  AT&T  and  WorldCom  .  This 
option  lets  businesses  combine  voice,  fax  and  data 
traffic  on  a  single  integrated  IP  connection  managed 
by  the  service  provider. 

Indeed,  voice  over  IP  is  ready  for  the  corporation  — 
it  brings  new  integrated  applications,  saves  money  on 
international  calls  and  many  partners  are  ready  to  help 
users  implement  it. 


Hettick  is  vice  president  of  consulting  at  TeleChoice,  a 
telecommunications  market  strategy  consultancy.  He 
can  be  reached  at  lhettick@telechoice.com. 


Voice  over  IP  works,  in  some  cases,  extremely  well.  But  there’s  a  big  differ¬ 
ence  between  something  working  and  its  being  ready  for  prime  time.  Let’s 
look  at  some  places  where  voice  over  IP  doesn’t  make  sense. 

Start  with  voice  over  the  Internet. The  inherent  delays,  coupled  with  the 
current  lack  of  quality  of  service  (QoS),  has  relegated  this  application  to  the 
realm  of  college  students  and  others  who  will  put  up  with  low  quality  simply 
because  the  application  is  free  (or  very  inexpensive).  Will  quality  improve? 
Maybe.  But  for  now  the  only  real  application  I  see  is  for  personal  —  not  busi¬ 
ness  —  communications  with  friends  and  family  in 
countries  where  decent  voice  calls  are  prohibitively 
expensive. 

Next,  consider  voice  over  the  corporate  intranet 
using  voice  over  IP  to  interconnect  remote  PBXs  for 
intracorporate  “on-net”  voice  calls.  Again,  voice  over  IP 
works  here. The  voice  algorithms  sound  great,  and 
because  the  IP  is  probably  running  over  a  frame  relay, 

ATM  or  Multi-protocol  Label  Switching  infrastructure, 

QoS  is  sufficient.  But  if  you’re  running  IP  over  frame 
relay  or  ATM,  why  not  save  even  more  money  by  sim¬ 
ply  running  voice  over  frame  relay  or  voice  over  ATM, 
thereby  eliminating  the  overhead-intensive  IP  protocol  layer? 

The  issue  of  transporting  your  voice  over  the  corporate  intranet  deserves 
careful  consideration. There’s  always  a  temptation  to  view  the  intranet  as  a 
fixed-cost  asset,  so  doing  voice  over  IP  (or  voice  over  frame  relay  or  ATM)  is 
considered  “free.”  But  the  real  cost  comes  in  small  part  from  capital  equip¬ 
ment  costs  and  in  large  part  from  operational  and  administrative  costs.  Before 
you  jump  headlong  into  a  new  intracorporate  voice  network,  calculate  your 
internal  cost  per  minute  for  supporting  your  own  voice  network.  With  the 
upper  limit  on  costs  being  the  ability  to  go  to  your  local  discount  outlet  and 
buy  toll  quality  prepaid  calling  cards  for  4.2  cents  per  minute  (and  falling), 
the  internal  support  costs  better  be  extremely  low. 

Don’t  forget  about  interoperability  of  products. The  perception  is  that  with 
IP  emerging  as  the  “universal  Layer  3  protocol,”  voice  over  IP  will  be  totally 
interoperable. At  the  basic  telephony  layer  that’s  true:The  sound  —  and  even 
the  dialing  instructions  —  will  be  transmitted.  As  long  as  you  stick  with  a  sin¬ 
gle  vendor’s  implementation  of  advanced  calling  features,  you’ll  get  those 
advanced  calling  features.  But  you  won’t  get  the  level  of  interoperability  you 

get  with  today’s  traditional  telephony  network. The 
standards  for  Media  Gateway  Control  Protocol  and 
Session  Initiation  Protocol  promise  to  deliver  these 
interoperable  features  —  eventually. 

The  real  promise  for  voice  over  IP  comes  in  the 
converged  applications  that  take  advantage  of  inte¬ 
gration  of  applications  for  more  than  traditional 
telephony.  We’re  getting  there  quickly,  but  for  now, 
voice-over-IP  implementers  must  determine  the 
extent  to  which  they’re  willing  to  be  on  the  leading 
edge  vs.  the  bleeding  edge. 

Taylor  is  president  of  Distributed  Networking 
Associates  in  Greensboro,  N.C.,  and  publisher  of 
Webtorials.com.  He  can  be  reached  at  taylor@webto- 
rials.com. 
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Editorial 


Collaborative  effort 
simplified  using  WebEx 


▼  'T’  eb-based  presentations  improve 
\  V  J  on  standard  conference  calls 

\/\/  because  they  add  visual  cues 
yf  yf  that  keep  the  mind  focused.  But 
even  more  impressive  are  interactive  sessions 
that  let  participants  annotate  what  they  see  or 
take  control  of  the  applica¬ 
tion  being  used. 

While  many  products  sup¬ 
port  these  capabilities,  WebEx 
is  impressive.  It’s  easy  to  use 
(see  a  demo  at  webex.com), 
has  high  performance  (the 
company  owns  its  own  global 
network),  and  its  presentation 
controls  are  preserved  by 
keeping  everything  in  its  origi¬ 
nal  format  (many  translate 
content  into  HTML). 

Once  users  register  and  download  a  small 
client  (less  than  2M  bytes),  they  can  participate 
in  online  meetings  involving  presentation/docu¬ 
ment  viewing,  application  sharing,  follow-me 
Web  navigation  and  desktop  sharing  (aka 
remote  control).  For  audio,  participants  call  into 
a  central  number  or  WebEx  calls  out  to  them 
(there  is  also  a  VoIP  option  but  we  ll  skip  that). 
Minimum  bandwidth  to  play  is  56K. 

WebEx  can  be  used  to  deliver  PowerPoint 
presentations,  but  its  real  power  is  interactivity. 
You  can  use  the  service  to  share  everything 
from  Excel  worksheets  to  AutoCAD  drawings  to 
Photoshop  images.The  presenter  can  let  partici¬ 
pants  draw  on  the  screen  or  even  take  control 
and  manipulate  the  content. 

For  example,  a  remote  ad  designer  might 
want  to  take  control  of  a  Photoshop  image  and 
suggest  some  tweaks. 

If  participants  have  Web  cameras,  you  can 
even  support  videoconferencing,  but  that 
doesn’t  add  much.  After  all,  if  the  subject  of 
discussion  is  an  AutoCAD  design,  all  the  par¬ 
ticipants  will  be  focused  on  that. 

One  of  the  beauties  of  the  system  is  partici¬ 
pants  share  the  presenters’  application,  so  they 
don’t  need  their  own  copies. All  changes/ 
updates  are  captured  on  one  central  copy. The 
presenter  can,  however,  enable  a  save  function 
and  let  people  download  their  own  versions. 

All  in  all,  the  system  looks  slick.  It’s  free  for 
up  to  four  participants  for  hour-long  meetings 
or  can  be  used  on  a  pay-per-view  basis  for  35 
cents  per  minute,  per  user. The  company  makes 
the  bulk  of  its  money  selling  the  service  on  a 
$100  per  seat,  per  month  basis,  meaning  a  com¬ 
pany  might  buy  10  ports  and  make  them  avail¬ 
able  to  employees  on  an  as-needed  basis. 

Give  it  a  look. 

—  John  Dix 
Editor  in  chief 
jclix@mvw.com 
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Flawed  standard 

Your  review  “Putting  802.11b  to  the  test” 
(www.nwfusion.com,  DocFinder  3222)  men¬ 
tions  the  Wire  Equivalent  Privacy  (WEP)  pro¬ 
tocol.  Readers  should  be  aware  that  re¬ 
searchers  at  the  University  of  California  at 
Berkeley  recently  found  major  security  flaws 
in  WEP  (see  www.isaac.cs.berkeley.edu/ 
isaac/wep-faq.html  and  www.isaac.es. 
berkeley.edu/isaac/wep-draft .  pdf) . 

The  researchers  changed  a  few  driver  settings 
in  a  Lucent  Orinoco  system  and  used  it  to  inter¬ 
cept  encrypted  traffic. Then  they  took  advantage 
of  some  serious  flaws  in  WEP  to  decrypt  the 
traffic. 

WEP  uses  a  stream  cipher,  which,  coupled  with 
a  limited  number  of  initialization  vectors  and  a 
linear  cyclic  redundancy  check,  makes  for  some 
interesting  attacks  on  the  cipher  stream  (both 
passive  and  active). The  active  attacks  are  really 
damaging,  since  they  let  an  outsider  appear  as  a 
valid  user. 

It  doesn’t  look  like  it  will  be  possible  to  fix  this 
problem  unless  the  protocol  is  scrapped  and 
replaced  with  something  else  —  which  would 
require  a  big  change  to  the  standard. 

Kevin  McGee 
Electrical  engineer 
McGee  Consulting 
Newport,  R.I. 

Apple  of  their  eye 

Regarding  your  review  “Let’s  talk  about  NICs” 
(www.nwfusion.com,  DocFinder  3223):  As  a  user 
of  the  Macintosh  Powerbook,  which  has  an  inter¬ 
nal  AirPort  card  and  a  great  antenna  designed  into 
it,  I  wonder  why  you  did  not  mention  the  Mac¬ 
intosh  (except  as  a  passing  comment  at  the  end 
with  respect  to  drivers)? 

I’m  not  necessarily  a  Macintosh  zealot,  but 
you  have  to  hand  it  to  Apple  for  kick-starting  the 
whole  802.11  effort  with  the  AirPort.  While  few 
companies  will  likely  use  AirPorts  in  the  work¬ 
place,  I’d  be  willing  to  bet  that  quite  a  few  (even 


Windows-based)  wireless  laptop-toting 
employees  are  going  to  want  to  talk  to  an 
AirPort  hub  at  home.  I  would  have  liked  to 
see  how  the  AirPort  performed  compared 
with  the  other  hubs  you  tested.  I  would  also 
have  liked  to  hear  about  interoperability  test¬ 
ing  between  Windows  cards  and  the  AirPort. 

Also,  it’s  worth  pointing  out  that  Windows 
notebook  vendors  need  to  design  better  anten¬ 
nas  into  their  cases  and  provide  for  internal 
802.11  cards. 

Steve  Lemke 
Sunnyvale,  Calif. 

Your  Buyer’s  Guide  to  wireless  LAN  access  points 
(www.nwfusion.com,  DocFinder  3224)  omitted 
the  Apple  AirPort,  which  works  just  as  well  for 
Wintel  machines  as  Macs.  Considering  that  the 
AirPort  was  the  first  802.11  solution  to  catch  the 
consumer’s  eye,  its  omission  suggests  an  unfortu¬ 
nate  anti-Apple  bias. 

Brian  Shaw 
Falmouth,  Maine 

Another  approach 

I’m  not  sure  that  the  information  in  Kevin  Flood’s 
column  “The  forgotten  side  of  network  security” 
(www.nwfusion.com,  DocFinder  3225)  is  really 
helpful  or  new.  It  has  always  been  clear  that 
security,  performance  and  cost  represent  the 
three  corners  of  a  triangle.  You  cannot  reside  in 
all  three  at  once  but  must  choose  a  spot  some¬ 
where  in  the  middle,  balancing  moderate  security 
against  some  performance  and  cost  trade-offs. 

Far  more  useful  would  be  a  discussion  of  how 
to  architect  one’s  security  controls  for  optimum 
performance  and  transparency.  For  example,  a 
well-controlled,  distributed  network  of  firewalls 
providing  multiple  points  of  Internet  presence 
eliminates  many  demilitarized-zone  bottlenecks 
and  increases  local  response  times  and  availa¬ 
bility.  This  would  have  been  a  more  useful 
approach  than  one  that  leaves  people  with  the 
idea  that  security  represents  a  total  impasse  to 
the  business. 

Adrian  Wright 
London 


E-mail  letters  to  jdix@nww.com  or  send 
them  to  John  Dix,  editor  in  chief,  Network 
World,  1 18  Turnpike  Road,  Southborough, 
MA  01772.  Please  include  phone  number 
and  address  for  verification. 
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Yankee  Ingenuity .  Howard  Anderson 

Congratulations!  You’re  AT&T  President  for  the  Day 


ay  job  got  you  down?  I  am  making  you  AT&T 
President  for  the  Day  —  you  are  now  Mike 
Armstrong.  Get  ready  to  make  some  decisions. 

Your  sales  are  $67  billion.  Business  cus¬ 
tomers  are  half  your  business,  and  they  were 
down  11%  last  year  —  and  you  expect  them 
to  go  down  another  17%  this  year.  AT&T  had  modest 
debt  when  you  took  over  three  years  ago.  You  now 
have  $62  billion  in  debt.  (MediaOne  and  TCI  didn’t 
come  cheap  —  $100  billion  for  the  pair.)  You  are 
“The  Man"  in  cable,  with  24%  of  the  market. Your 
broadband  business  is  up  10%;  your  wireless  business 
is  up  35%. Your  long-distance  business,  however,  will 
shrink  this  year  by  $6  billion  to  $29  billion. 

You  aren’t  the  only  one  with  this  problem.  World- 
Corn’s  voice  business  is  down  7%  and  Bernie  Ebbers 
is  trying  like  hell  to  get  out  of  the  consumer  market. 
Sprint’s  no  better  off.  Long-distance  is  turning  into  a 
pure  commodity.  You  always  knew  this  was  going  to 
be  the  case,  but  you  hoped  the  new  businesses 
(McCaw, Teleport, TCI,  MediaOne)  could  grow  fast 
enough  to  offset  the  decline.  Nice  try. 


The  problem  is  the  stock  market 
hates  you  and  your  company.  While 
the  rest  of  the  world  values  cable 
stocks  on  either  cash  flow  or  at 
$4,000  per  subscriber,  they  value  you 
on  quarter-to-quarter  earnings.  While 
they  value  the  wireless  industry  on 
“potential,”  your  tracking  stock  has 
stumbled.The  market  has  taken  your 
market  cap  from  $250  billion  to  $81 
billion  and  your  stock  price  from  $60  to  $20  in  just 
the  past  24  months. 

Your  team  is  demoralized;  their  stock  options  are 
so  far  under  water  they  look  like  submarines.  You 
convinced  Dave  Dorman  to  come  in  and  share  your 
pain;  you  gotta  think  of  a  way  to  unlock  some  of  this 
value.  Your  wireless  business,  if  a  stand-alone  com¬ 
pany,  would  be  worth  $27  billion. Your  broadband 
business,  if  stand-alone,  would  be  worth  $23  billion. 
Your  consumer  business  would  be  worth  another 
$23  billion,  and  your  business  sector  would  fetch 
more  than  twice  that  —  $56  billion.There  you  have 


it:  the  break-up  value  is  $129  billion, 
or  a  50%  premium.  How  Dorman  is 
ever  going  to  figure  out  who  owns 
the  “AT&T  brand”  is  beyond  me,  but 
that’s  another  problem  that  will  have 
to  be  addressed. 

Then  there’s  your  credibility  prob¬ 
lem.  You  told  Wall  Street  two  years  ago 
that  “Fortune  favors  the  bold”  —  and 
the  Street  bought  it  for  a  while.  A 
while  is  over.  The  venture  capitalists  are  stealing 
your  best  people,  and  your  Internet  strategy  is  all 
over  the  map.  You  own  a  deteriorating  brand,  and 
your  best  product,  long-distance,  is  no  longer  a  cash 
cow.  Essentially,  long-distance  is  free  and  every 
regional  Bell  operating  company  is  getting  in. 

If  you  were  Mike,  what  would  you  do? 

Anderson  is  senior  managing  director  of 
Yankee tek  Ventures,  a  Cambridge,  Mass,  early 
stage  venture  capital  firm.  He  can  be  reached  at 
handerson@yankeetek.com. 


Security  Perspectives .  Benjamin  Grubin 

What  integrators  won’t  tell  you  about  security 


As  the  number  of  Internet-based  companies 
grows,  the  incidence  of  computer-related 
crime  continues  to  rise.  According  to  widely 
published  research  by  the  FBI  and  the 
Computer  Security  Institute,  Internet-based 
attacks  now  outpace  internal  fraud  and  abuse 
problems.  This  is  a  wake-up  call  to  every  organiza¬ 
tion  doing  business  on  the  Internet. 

How  are  companies  dealing  with  this  issue,  you 
might  ask? 

A  logical  place  to  look  for  the  answer  would  be 
one  of  the  hundreds  of  e-business  application/inte¬ 
gration  firms.  After  all,  these  are  the  folks  that  design 
and  produce  the  software  on  which  70%  to  80%  of 
today’s  e-businesses  depend.  Unfortunately,  these 
integrators  have  known  since  the  beginning  that  the 
applications  they  use  to  build  their  megasites  are 
inherently  buggy. 

The  problem  comes  when  we  convince  ourselves 
that  buggy  software  just  causes  a  site  to  crash. This  is 
one  of  the  most  common  and  most  dangerous  mis¬ 
conceptions  in  the  industry. The  same  bugs  that 
cause  a  site  to  crash  provide  wonderful  opportuni¬ 
ties  for  hackers  to  break  in.  In  the  past  24  months, 
the  frenzy  to  get  “on  the  net”  has  resulted  in  many 
online,  mission-critical  businesses  being  built  with¬ 
out  even  basic  security  and  privacy  control  mecha¬ 
nisms. The  thinking  has  been  “build  it  fast,  get  it  done 
and  fix  the  problems  in  Rev  2.” 

The  problem  is  truly  viral  —  except  this  virus  is 
spread  by  being  one  of  the  downstream  clients  of  an 
integration  firm  that  lacks  true  security  talent. The 
tendency  to  re-use  past  solutions  is  inherent  in  the 
e-business  integration  model.  Once  you  learn  how  to 
do  something  in  a  services  company,  the  way  to 
make  money  is  to  do  the  same  thing  again  and  again, 


only  faster  and  across  a  broader  base  of  clients.  Not 
good  if  the  application  architecture  is  flawed  from 
the  beginning. 

The  solution  for  the  integrators,  of  course,  is  to  hire 
and  retain  security  consultants  who  then  become  part 
of  the  consulting/development  process.  As  it  turns 
out,  this  is  easier  said  than  done.  Security  professionals 
are  in  hot  demand,  and  in  my  experience  they  are  far 
more  attracted  to  security-focused  organizations.  After 
all,  who  wants  to  be  a  roadie  to  an  e-business  rock  star 
when  you  can  work  for  an  organization  that  places 
your  skills  at  a  premium? 

So  if  you’re  thinking  of  launching  a  new  online 
business  and  you  don’t  want  to  find  yourself  in  the 
morning  news  or  sweating  it  out  in  an  all-night 
forensics  effort,  a  few  pointed  questions  can  go  a 
long  way. 

Here’s  a  list  of  10  things  you  should  ask  your  inte¬ 
grator  before  embarking  on  any  major  development 
effort: 

•  How  do  you  address  the  storage  of  confidential 
and  private  information,  and  what  precautions  are 
taken  to  ensure  that  it  remains  secure? 


•  Will  the  applications  and  operating  systems  used 
in  the  design  of  my  system  be  evaluated  for  security 
mechanisms  and  risks  as  part  of  the  selection  criteria? 

•  What  mechanisms  do  you  have  to  ensure  you  are 
working  with  up-to-date  applications  and  patches  for 
each  application  and  operating  system? 

•  What  steps  will  you  take  to  ensure  all  network 
devices  are  as  safe  as  possible  from  attack  and  abuse? 

•  What  types  of  security  testing  do  you  perform 
during  quality-assurance  cycles? 

•  What  security  standard(s)  does  your  integration 
team  follow  to  ensure  that  all  aspects  of  their  work 
incorporate  best  practices? 

•  Will  certified  and  experienced  digital  security 
professionals  be  assigned  to  my  project,  and  will 
they  provide  detailed  assessments  of  the  application 
and  infrastructure  risks? 

•  Will  security  professionals  oversee  all  aspects  of 
the  technical  development  to  ensure  that  best  prac¬ 
tices  are  followed  in  all  phases? 

•  What  mechanisms  are  in  place  to  ensure  recov¬ 
ery  from  a  disaster  or  security  incident? 

•  Does  your  organization  take  similar  security  pre¬ 
cautions  for  your  own  business  and  if  so,  how  do 
you  protect  the  intellectual  property  and  technology 
that  you  are  developing  on  my  behalf? 

From  these  questions  it  will  be  easy  to  ascertain 
your  integrator’s  level  of  digital  security  competency. 
If  the  answers  aren’t  clear  or  don  t  reference  widely 
accepted  security  standards,  consider  getting  addi¬ 
tional  help.  After  all,  if  you’re  building  a  piece  of  the 
new  economy,  you  may  as  well  build  it  to  last. 

Grubin  is  a  global  security  advisor  for  Guardent ,  a 
Boston  provider  of  end-to-end  digital  security  solu¬ 
tions.  He  can  be  reached  at  bgnibin@guardent.com. 
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most  organizations,  the  migration  to  voice  over  IP  is 
being  held  in  check  by  the  inertia  of  two  separate 
voice  and  data  networks  that  work  just  fine.  Howev- 
m  S'  1®  er,  nature  sometimes  gives  things  a  push. 

I  H  ■  The  state  of  Connecticut  had  consolidated  its  data 
and  telecommunications  staffs  in  anticipation  of  the 
eventual  convergence  when  heavy  rains  last  winter 
flooded  the  basement  of  the  century-old  building  in 
Hartford  that  housed  the  data  and  network  opera¬ 
tions  centers. 

Last  March,  public  works  inspectors  checking  for 
flood  damage  found  that  some  accumulated  rainwater  was  the  least  of 
the  Connecticut  Department  of  Information  Technology’s  problems. 

An  underground  river  was  pulling  the  earth  out  from  under  the 
building.  There  were  cracks  in  the  foundation,  and  one  whole  sec¬ 
tion  of  the  building  had  sunk  five  inches  and  acquired  a  5-degree  list. 
The  building  was  condemned,  and  the  agency  had  to  find  a  new 
home  for  its  data  and  network  operations  centers  and  about  240 
employees  —  and  get  them  moved  and  up  and  running  quickly. 

But  it's  an  ill  wind  that  blows  no  good,  and  Connecticut's  IT 
department  decided  to  use  the  disas¬ 
ter  as  a  catalyst  for  change. 

In  less  than  a  month,  a  new  facility 
was  procured.  It  already  had  a  Lucent 
PBX,  but  the  software  was  several  gen¬ 
erations  out  of  date. 

“It  was  going  to  cost  a  lot  to  upgrade 
the  switch,  and  the  resulting  platform 
would  still  leave  a  lot  of  functionality 
off  the  table,”  says  Rock  Regan,  the 
suite's  CIO.  “We  had  to  rewire  the 
building  for  data  anyway,  so  we  started 
thinking  it  would  be  a  good  time  to 
look  at  a  converged  solution.” 

Regan’s  team  checked  the  numbers 
and  found  that  a  single  converged  net¬ 
work  offered  a  much  lower  cost  per 
seat  than  a  traditional  PBX  with  a  sepa¬ 
rate  network  for  data.  Moreover,  the 
voice-over-IP  network  could  also  be 
implemented  much  more  quickly. 

The  emergency  move  left  no  time  to 
evaluate  competing  solutions.  Already 
Cisco  shop  on  the  data  side,  the  IT 


Cisco’s  Call  Manager  3.0  software.  The  MCS  7835  barely  got  to  mar¬ 
ket  in  time  for  the  move;  in  fact,  one  of  the  state’s  servers  has  serial 
number  2. 

There  are  358  Cisco  7960  IP  phones  on  the  desktops  connected  to 
Catalyst  6509  switches.  Cisco’s  Open  Network  Exchange  (uOne) 
voice-messaging  application  runs  on  a  separate  server,  and  is  used 
for  voice  mail  and  group  announcements.  The  MCS  platform  also 
supports  interactive  voice  response,  but  Connecticut’s  IT  depart¬ 
ment  hasn’t  implemented  it  yet. 

Like  a  PBX,  the  Catalyst  switches  can  deliver  in-line  electrical 
power  over  the  same  cable  used  to  transmit  the  voice  calls,  so  that 
phone  service  isn’t  cut  off  immediately  in  the  event  of  a  power  fail¬ 
ure.  The  switches  send  48  volts  down  the  Ethernet  cable  and  can 
continue  to  do  so  until  they  run  out  of  battery  back-up  power. 

The  converged  network  went  live  last  June,  and  the  IT  depart¬ 
ment  now  has  358  of  its  staff  members  —  in  the  headquarters  facili 
ty  and  in  remote  offices  across  the  state  —  on  voice  over  IP.  The 
agency  is  testing  voice  over  IP  internally  before  deploying  it 
throughout  the  state  government. 

"We  are  now  in  the  process  of  developing  a  whole  new  set  of  stan¬ 
dards  for  the  state,”  Regan  says.  “Once  they  are  in  place,  other  agencies 
will  have  the  state's  blessing  to  go  ahead  and  move  to  [voice  over  IP].” 


The  state  of  Connecticut's  VoIP  network 


When  most  of  the  state  of  Connecticut's  Department  of  IT's  building  was  condemned,  it  quickly  deployed  a  voice- 
over-IP  network  in  its  new  office  space.  Nearly  360  Cisco  7960  IP  phones  are  connected  to  Catalyst  6509  switches, 
which  in  turn  access  two  redundant  Cisco  Media  Convergence  Server  7835s  running  Call  Manager  3.0. 
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Offices  around  the  state  that  have  sunk  investments  in  relatively 
new  PBX  equipment  will  continue  to  use  it,  but  Regan  plans  to 
build  out  the  voice-over-IP  network  wherever  possible.  “It  appears 
to  be  very  scalable  and  should  meet  our  needs  nicely,"  he  says. 

Despite  the  earlier  consolidation  of  the  data  and  voice  organiza¬ 
tions,  Regan's  team  struggled  somewhat  w  ith  the  implementation. 
The  telecommunications  people  weren't  used  to  dealing  with  such 
an  open,  flexible  platform,  forcing  the  LAN  support  people  to 
help.  “Voice  over  a  converged  netw’ork  is  very  different  from  voice 
in  the  PBX  environment,  and  we  had  to  do  some  learning  about 
roles  and  responsibilities,”  Regan  says. 

All  in  all.  though,  Regan  likes  the  softw  are-driven  nature  of 
voice  over  IP,  with  its  distributed  functionality  and  centralized  con¬ 
trol.  “It  falls  in  line  with  w’hat  we  w  ere  already  trying  to  do  within 
our  traditional  voice  and  data  organizations  —  consolidation  of 
activities  in  order  to  provide  centralized  support,”  he  says. 

The  IT  department’s  help  desk  is  still  based  on  traditional  telepho¬ 
ny,  but  the  IT  department  plans  to  move  it  to  voice  over  IP  w  hen  the 
data  center  is  moved  to  the  new  building  later  this  year.  “Support 
staff  are  distributed  throughout  other  state  agencies,  and  many  of 
them  are  at  different  locations  on  irregular  schedules,”  Regan  says. 
The  [voice-over-IP]  system  lets  the  staff  s  phone  numbers  move 
with  them  across  our  WAN,  which  w  ill  greatly  increase  user  confi¬ 
dence  in  the  availability  of  knowledgeable  support  professionals.” 

The  technology  is  in  an  early  state  of  evolution  and  falls  a  bit 
short  in  some  areas.  There  is  no  integrated  fax  capability,  and 
Regan’s  team  had  to  run  analog  fax  lines  to  otherwise  converged 
offices.  There  is  also  no  IP  conference  phone  available  yet  for  use 
in  big  conference  rooms.  Cisco’s  IP  Conference  Station  7935. 
announced  last  November,  is  scheduled  for  release  by  mid  year. 

But  despite  these  shortcomings,  “we  like  to  be  on  the  forefront  of 
this,  and  have  some  input  into  where  Cisco  is  going,”  Regan  says. 

A  company  spokesman  says  Cisco  has  now  sold  more  than  one 
million  enterprise  voice-over-IP  ports  and  is  shipping  more  than 
1,500  IP  phones  per  day.  “We  are  just  on  the  cusp  of  widespread 
enterprise  deployment,”  says  Pete  Daily,  a  partner  and  global  busi¬ 
ness  manager  at  market  research  firm  Frost  &  Sullivan.  “It’s  been  a 
slow  row  to  hoe  because  of  concerns  about  call  quality’,  manage¬ 
ability  and  cost.  The  products  were  good  last  year,  but  perception 
has  lagged  behind  reality.” 

The  Connecticut  IT  department’s  experience  seems  to  confirm 
this.  Regan's  team  initially  evaluated  Call  Manager  2.4  softw  are  and 
found  it  a  bit  lacking,  but  reports  that  the  3.0  release  provides 
greatly  improved  voice  quality.  The  two  people  dedicated  to  sup¬ 
porting  the  voice-over-IP  network  give  high  marks  to  the  point- 
and-click  management  interface,  which  eases  configuration  and 
troubleshooting  tasks. 

“I'm  not  sure  the  technology  is  100%  ready  for  prime  time,  but 
it's  very’,  very’  close,”  Regan  says.  “After  hearing  so  much  about 
convergence  for  years,  we  finally  have  something  real.  People 
need  to  look  at  it,  touch  it  and  start  making  decisions  about  it.” 


Breidenbach  is  a  freelance  technology  journalist  and  consultant. 
She  can  be  reached  at  sbreidenbach@usa.net. 
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But  gateway-to-gateway  problems  persist, 
anti  configuration  remains  difficult. 


BY  BETSY  YOCOM,  UWE  BILGER,  ROB  SMITHERS  AND  MICHAEL  HOMMER, 

NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 


a  groundbreaking  public  display 
of  voice-over-IP  interoperability, 
nine  vendors  tried  to  prove  their 
convergence  hardware  and  soft¬ 
ware  could  work  together  to  pro¬ 
duce  end-to-end  toll-quality  voice 
calls. 

During  this  first  public  interoper¬ 
ability  testing  lab  hosted  at  the 
ComNet  2001  trade  show  by  Network  World  and 
its  Global  Test  Alliance  partner  Miercom  last 
month,  these  vendors  of  voice-over-IP  gateways 
and  gatekeepers,  IP  phones,  soft  phones  and  IP 
PBXs  demonstrated  basic  levels  of  interoperability. 
They  successfully  placed  calls  with  each  other  at 
“toll  quality”  voice  levels  based  on  the  International 
Telecommunication  Union’s  H.323  standard. 

But  gatekeeper-to-gatekeeper  interoperability 
between  vendors’  products  was  not  achievable 
because  Cisco  and  Clarent  implemented  their 
call-control  models  differently  in  each  of  their 
gatekeeper  products. Wliat  these  technical  diffi¬ 
culties  mean  for  customers  is  that  —  for  now  at 
least  —  you’ll  have  to  choose  one  vendor  or  the 
other  to  provide  all  of  your  voice-over-IP  infra¬ 
structure  gatekeepers. 

Many  of  the  2,000-plus  ComNet  2001  atten¬ 
dees  who  visited  the  interoperability  lab  entered 
skeptical,  but  left  convinced  that  voice-over-IP 
vendors  are  achieving  interoperability  that  might 
soon  translate  into  multivendor  converged  net¬ 
works  in  the  real  world. 

It  is  important  to  note  that  none  of  this  interop¬ 
erability  was  truly  out  of  the  box.  A  fair  of  amount 
of  tweaking  on  the  part  of  all  engineers  was  nec¬ 
essary  to  make  things  work,  and  at  the  end  of  the 
event,  some  technical  issues  remained  unresolved. 
A  few  vendors  could  achieve  only  one-way  con¬ 
versations,  others  could  not  always  successfully 
implement  a  call  based  on  H.323  Fast  Connect 
procedure,  while  still  more  had  trouble  imple¬ 
menting  a  bidirectional  call  based  on  the  stan¬ 
dards  "slow  start”  procedure. 


The  challenge 

Miercom’s  voice-over-IP  research  in  the  past 
two  years  has  shown  that  while  many  vendors 
claim  interoperability,  few  were  willing  to  go 
on  the  record  to  prove  it.  Many  industry-spon¬ 
sored  events  have  taken  place  during  the  past 
two  years,  but  all  were  held  behind  closed 
doors.  Late  last  year,  Network  World  issued  an 


editorial  challenge  to  voice-over-IP  vendors  to 
go  public. 

Miercom’s  initial  call  for  products,  based  on 
H.323  Version  2,  went  out  in  December.  Avaya, 
Cisco,  Clarent,  HearMe,  Memotec  Communica¬ 
tions,  Oki  Network  Technologies,  Polypix,  Quin- 
tum  Technologies  and  Siemens  Enterprise  Net¬ 
works  accepted  the  challenge.  Sitara  Networks 
also  tested  its  QoSWorks  quality-of-service,  traffic 
management  and  caching  appliance  with  many 
of  these  vendors  to  determine  the  product’s 
effectiveness  in  prioritizing  TCP  and  User  Data¬ 


gram  Protocol  (UDP)  traffic  for  applications  such 
as  voice  on  a  converged  transmission  path. 

In  addition  to  the  participants,  several  vendors 
provided  infrastructure  components  and  test 
gear  for  the  lab. These  contributions  included 
Extreme  Networks’  Summit  48  and  Alpine  3808 
switches;  the  Hammer  IT  and  H.323  Call  Genera¬ 
tion  Tool  from  Empirix  (formerly  Hammer  Tech¬ 


nologies);  Agilent's  Internet  Advisor,  Network 
Associates’  Sniffer;  Ixia  400  Ethernet  Generator/ 
Analyzer;  and  Abacus  test  systems. 

Prestaging 

Vendors  that  agreed  to  participate  in  the  inter¬ 
operability  lab  were  invited  to  a  prestage  event, 
held  at  Miercom’s  lab  facilities  in  New  Jersey.  The 
purpose  was  to  let  vendors  test  their  levels  of 
interoperability  with  each  other  and  resolve  any 
technical  issues  that  might  prevent  their  success¬ 
ful  participation  at  the  ComNet  demonstration. 


Products  making  the  Miercom  interoperability  grade 

Nine  vendors  stepped  up  to  the  plate  with  more  than  two  dozen  products  to  publicly  test  whether  they 
could  interoperate  on  some  level.  The  vendors  and  the  products  they  brought  are: 


Vendor 

Avaya 

Product 

IP600  IP  Communication  Server;  Definity  9.1  Gatekeeper;  Avaya  IP  Telephone  4612;  Avaya 
IP  Softphone 

Cisco 

AS  5300;  Cisco  3660;  Cisco  2611,  Cisco  7200  Series/VXR 

Clarent 

Clarent  Gatekeeper  VI. 1;  Clarent  Command  Center  V3. 1.1  spl  and  Clarent  Connect  V2.0; 
Clarent  Application  Server  1 .1  spl  and  Clarent  Assist  3.0  spl ;  Clarent  Gatekeeper  Controller 
VI.  1;  SNMP  Server  1.1;  Clarent  Gateway  1 00  V3.1 .1 ;  Clarent  Gateway  400  V3.1.1 

HearMe 

HearMe  SIP  Softphone  VI  .0;  HearMe  VoiceServer  V2.5 

Memotec  Communications 

CX950  Multiservice  Access  Switch 

Oki  Network  Technologies 

BV1250  Internet  Voice  Gateway;  VolP-TA  Single-line  Terminal  Adapter 

Polypix 

Pixel  2000  Call  Server  and  Web  Client  VI. 1.1 7 

Quintum  Technologies 

Tenor  A400  CS;  Tenor  D2400  CS;  software  Version  P-2-1  -1 6 

Siemens  Enterprise  Networks 

OptiPoint  300  Advance  IP  phone 

ent,  which  provided  the  “reference”  gate¬ 
keepers  for  the  test  bed,  as  well  as  other  voice- 
over-IP  equipment;  HearMe,  Memotec,  Oki, 
Polypix,  Quintum,  Siemens  and  Sitara.  Each  sent 
equipment  (see  story,  page  48)  and  at  least  one 
technical  representative  to  assist  in  setting  up 
and  testing  the  equipment  throughout  the 
prestaging. 

We  were  surprised  at  how  quickly  the  assem¬ 
bled  parties  passed  through  level  one  of  our  tests 
—  demonstrating  the  ability  to  set  up  calls  be¬ 
tween  endpoints  (without  a  gatekeeper).  Within 
a  day,  most  vendors  had  proven  they  could  set  up 
calls  and  maintain  toll-quality  voice  paths  with  at 
least  two  other  vendors. 

The  biggest  challenge  was  incompatibility 
between  the  reference  gatekeepers  —  Cisco’s 
3660, 2611  and  7200  and  Clarent’s  Gatekeeper 
Version  1.1  —  that  prevented  passing  the  voice 
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monitor  and  control  the  state  of  all  calls  within 
its  zone. This  model  is  often  referred  to  as  being 
“stateful”  because  the  gatekeeper  maintains  state 
throughout  all  calls  between  endpoints. 

Clarent  positions  its  product  line  differently 
from  Cisco’s  in  that  it  emphasizes  the  role  of  its 
Command  Center  management  system  in  collect¬ 
ing  and  processing  data  about  network  activity. 
This  information  is  vital  to  service  providers  that 
have  to  handle  huge  amounts  of  billing  and  other 
management  functions.  Maintaining  a  stateful  call 
is  necessary  to  collect  accurate  data  about  that 
call,  which  is  then  forwarded  to  the  Command 
Center’s  database. 

To  solve  the  incompatibility  issue,  we  created 
two  separate  test  beds:  one  consisting  of  two 
domains,  each  under  the  control  of  a  Cisco  gate¬ 
keeper  and  another  consisting  of  two  domains, 
each  under  the  control  of  Clarent  gatekeepers 
(see  graphic,  page  48). 

In  addition  to  specific  gatekeeper  interoperabil¬ 


Empirix's  Blake  Wallace  explains  to  ComNet  2001  attendees  Thomas  Nagel  and  Florin  Hodis  of  Consultronics 
how  his  company's  Hammer  IT  test  tool  drives  the  voice-over-IP  test  bed. 


packets  from  one  gatekeeper  to  the  next  because 
of  the  differences  in  the  way  they  implemented 
the  H.323  standard. 

In  the  “direct”  call  model  (used  by  Cisco),  the 
gatekeeper  handles  registration  and  discovery, 
address  translation  and  call  admission  procedures 
over  a  Registration, Admission  and  Status  (RAS) 
channel.  But  once  these  steps  occur,  it  then  drops 
out  of  the  path,  leaving  the  endpoints  to  handle 
call  setup  and  call-control  signaling  on  their  own. 
Cisco  does  this  to  achieve  greater  scalability 
within  the  network. The  longer  a  gatekeeper  is 
tied  up  monitoring  one  call,  the  less  calls  it  can 
process  overall. 

Clarent’s  gatekeeper  supports  the  routed  call 
model  in  which  all  call  setup  and  control  signal- 
is  routed  through  the  gatekeeper,  letting  it 


ity  issues,  several  interesting  technical  challenges 
arose  during  this  preliminary  testing.  Under  the 
ground  rules  set  for  the  prestage  event,  we  cannot 
disclose  which  vendors  encountered  these  issues. 
But  we  can  discuss  the  issues. 

Flexibility  within  the  H.323  standard  proved 
a  blessing  and  a  curse. Throughout  the  pre¬ 
stage,  vendors  often  had  to  tweak  call-control 
code  to  create  a  voice  path  because  another 
vendor’s  product  expected  messages  in  a  differ¬ 
ent  order.  H.323  allows  for  some  flexibility  in 
coding  to  accommodate  custom  applications  in 
a  network,  which  end  users  demand,  but  this 
creates  incompatibilities  that  may  require 
minor  recoding  in  a  multivendor  voice-over-IF 
environment. 

This  is  what  makes  out-of-the-box  inter¬ 


1 


operability  based  on  H.323  so  difficult.  At  the 
prestaging  event  and  the  ComNet  lab,  we  had 
the  benefit  of  dedicated,  on-site  technical  staff 
to  iron  out  incompatibilities  in  the  code  that 
prevented  interoperability  between  two  prod¬ 
ucts.  In  the  real  world,  end  users  aren’t  going  to 
have  that  level  of  support  and  will  most  likely 
be  spending  a  lot  of  time  on  the  phone  to  the 
various  vendors’  technical  support  staffs  to 
make  things  work. 

Complexity  is  another  issue.  Setting  up  a  call 
according  to  H.323  standards  can  involve  up  to 
18  steps. Testers  dub  this  the  “slow  start”  proce¬ 
dure  for  obvious  reasons. To  alleviate  this  prob¬ 
lem,  H.323  Version  2  specifies  a  Fast  Connect 
procedure,  which  allows  the  establishment  of  a 
point-to-point  call  with  as  little  as  one  round  trip. 
(This  is  also  called  the  “fast  start”  procedure, 
named  for  an  element  used  in  the  Fast  Connect 
set-up  code.) 

While  most  vendors  could  establish  calls 
based  on  the  slow-start  procedure,  a  few  had 
problems  negotiating  a  fast  start  due  to  problems 
with  encoding.  In  one  instance,  a  vendor  could¬ 
n’t  complete  fast  start  with  the  Clarent  gatekeep¬ 
er  because  its  transmitting  side  did  not  have  an 
IP  address  and  Real-Time  Protocol/Real-Time 
Control  Protocol  port  numbers  that  the  Clarent 
gatekeeper  recognized. 

A  minor  code  change  by  the  vendor  initiating 
the  call  alleviated  the  incompatibility.  Interest¬ 
ingly,  though,  the  same  product  successfully 
implemented  a  fast-start  call  with  the  Cisco 
gatekeeper  using  the  original  code. 

On  two  other  products,  the  fast-start  procedure 
worked,  but  calls  couldn’t  be  set  up  using  the  slow- 
start  procedure.  Engineers  working  on  the  problem 
completed  several  packet  traces  to  determine  the 
cause,  but  left  the  prestage  still  unable  to  complete 
calls  via  slow  start. 

Some  products  tested  during  the  prestage  had 
problems  establishing  a  voice/media  path  due  to 
vocoder  mismatches.  Vocoders  encode  pulse- 
code-modulated  (PCM)  speech  samples  into  bits 
that  can  be  transmitted  over  a  packet  network. 
The  bits  are  decoded  back  to  PCM  speech  at  the 
receiving  end.  Voice-over-IP  gateways  and  IP 
phones  support  a  certain  amount  of  vocoders, 
but  different  vendors’  support  varying  numbers 
and  types.  During  the  call  setup  process  the 
products  have  to  agree  on  which  vocoder  they 
will  use  for  conversations.They  essentially  “com¬ 
pare”  their  collection  of  vocoders  with  respective 
preferences  on  which  one  they  should  use.  If  the 
products’  vendors  cannot  agree  on  a  vocoder,  or 
they  don’t  have  a  single  matching  vocoder,  the 
call  cannot  be  established. 

Put  another  way:  If  Gateway  A  supports  G.71 1 
and  G.729  and  Gateway  B  supports  G.723  and 
G.729,  they  would  agree  on  G.729.  However,  if 
Gateway  B  supported  only  G.723,  the  call  would 
fail.  Likewise,  if  Gateway  A  returns  a  message  that 
says,  “I  definitely  want  to  use  G.71 1,  even  though 
I  have  G.729  available,”  the  call  will  fail. 

One  highlight  of  the  prestage  event  was  the 
successful  sending  of  a  fax  from  the  Cisco 
AS5300  gateway  to  the  Clarent  Gateway  400 
through  the  Clarent  Gatekeeper,  based  on  the 
ITU-T’s  T.  38  standard  for  fax  transmissions.  Based 
on  our  experiences  testing  voice-over-IP  systems, 
this  is  a  significant  achievement. 


46  Network  World  March  5,  2001  www.nwfusion.com 


>6°J97t/, 


UPDATE 

Technology  Issues 


More  than  half  of  the  voice- 
over-IP  gateways  we’ve  tested 
recently  have  failed  this  faxing  test.  It's 
a  challenge  for  voice-over-IP  systems  to  rec¬ 
ognize  fax  encoding  and  respond  to  it 
because  they  have  trouble  distinguishing 
between  modem  and  fax  squawks. 

Other  factors  also  impede  the  transmis¬ 
sion.  First,  if  the  transmission  is  taking 
place  via  G.723  1  vocoders,  the  sending 
machine  must  switch  to  a  G.71 1  vocoder 
because  it  provides  better  quality  trans¬ 
mission.  Then  the  sending  machine  has  to 
turn  off  echo  cancellation  and  silence 
suppression  before  the  fax  can  be  sent. 

The  receiving  machine  also  has  to  distin¬ 
guish  between  squawks,  change  the 
vocoder,  and  turn  off  echo  cancellation 
and  silence  suppression.  With  all  these 
procedures,  lots  can  go  wrong.  So  the  fact 
that  we  made  this  work  in  a  multivendor 
environment  is  noteworthy. 

At  the  end  of  the  prestage,  the  vendors 
agreed  that  they  were  ready  for  prime 
time,  open-door  testing  in  the  ComNet 
2001  interoperability  lab.  However,  a  num¬ 
ber  continued  to  iron  out  minor  incompat¬ 
ibilities  up  to  opening  day  of  ComNet. 

ComNet  and  beyond 

The  participating  vendors  at  the  Com¬ 
Net  lab  demonstrated  interoperability  with 
several  other  vendors  (see  graphic,  page 
48.Tables  1  and  2  for  details  on  specific 
product  interoperability.)  Even  though  at 
showtime  some  incompatibilities  re¬ 
mained,  the  overall  consensus  among  the 
participants  and  the  ComNet  attendees 
who  visited  the  lab  was  that  voice-over-IP 
interoperability  based  on  H.323  has  come  a 
long  way  in  the  past  six  months. 

One  impressive  performance  note  was 
after  the  Cisco  and  Clarent  interoperability  test 
beds  were  set  up,  Miercom  test  engineers  ran  a 
call-completion  rate  test  between  the  Cisco  AS5300 
gateway  and  Clarent’ s  400  Gateway  through  the 
Clarent  Gatekeeper  via  the  Hammer  IT  system. 
After  12  hours  and  38,000  call  attempts,  only  six 
calls  failed  —  a  99  9984%  call-completion  rate. 
Many  single  voice-over-IP  gateways  tested  privately 
at  Miercom’s  Labs  haven’t  done  as  well. 

Siemens  optiPoint  300  Advance  IP  phone  was 
perhaps  the  most  out-of-the-box-ready  product, 
able  to  work  with  most  of  the  participants  with 
minimal  tweaking.  The  Siemens  phones  exhibited 
a  4-second  post-dial  delay  (PDD),  which  is  on  the 
high  side  compared  to  analog  and  digital  phones 
on  which  a  2-second  delay  or  less  is  more  typical. 
The  4-second  PDD  is  a  noticeable  pause,  but 
voice  quality  is  not  otherwise  affected. The  H.323 
specification  allows  for  up  to  a  10-second  PDD, 
after  which  time  call  completion  is  impaired.  But 
to  be  fair,  we  didn’t  test  the  optiPoints  against 
any  similar  IP  phones  in  this  round  of  testing, 
which  may  deliver  similar  performance  delays. 

Despite  many  long  hours  of  tracing  packets  and 
analyzing  code,  several  vendors  were  unable  to 
resolve  lingering  incompatibilities.  For  example, 
when  operating  in  the  Clarent  Gatekeeper  domain, 
Oki’s  BV1250  gateway  (when  initiating  calls,  but 
not  receiving  them)  could  establish  only  a  one-way 


ComNet  attendees  Greg  Michel  and  Pierre  Debanne  discuss  the  merits 
of  voice-over-IP  interoperability. 


conversation  with  the  Cisco  3640  gateways  and 
Clarent’ s  100  and  400  gateways.  But  it  had  no  trou¬ 
ble  communicating  bidirectionally  with  Quintum’s 
Tenor  gateways  and  Siemens’  optiPoint  300 
Advance  IP  phones  in  the  same  network. 

Quintum’s  Tenor  gateways  also  could  not  com¬ 
municate  with  Memotec’s  CX950,  which  both 
vendors  narrowed  down  to  an  incompatibility  in 
the  Fast  Connect  procedure.  Avaya  also  could  not 
resolve  incompatibilities  between  its  IP600  (IP 
PBX)  and  the  Quintum  gateway,  possibly  due  to 
routing  problems. 

Nuera  planned  to  demonstrate  its  new  Nuera 
Orca  Network  Signaling  Gateway  (NSG),  a  Ses¬ 
sion  Initiation  Protocol-to-H.323  converter,  which 
reportedly  lets  products  that  support  SIP,  but  not 
H.323  (such  as  Shoreline  s  Communications  Sys¬ 
tem)  work  with  products  that  support  only 
H.323.  Regrettably,  the  product  was  damaged  in 
transit  and  could  not  be  integrated  into  the  voice 
over  IP  test  bed. 

So  where  do  we  go  from  here?  For  starters, 

Cisco  and  Clarent  acknowledge  gatekeeper-to-gate- 
keeper  incompatibility  issues  constitute  the  “next 
phase”  in  voice-over-IP  interoperability  testing.  We 
expect  to  see  the  leading  vendors  in  this  area  — 
Cisco,  Clarent  and  Avaya  among  them  —  tackling 
the  problems  of  interdomain  interoperability  dur¬ 
ing  the  year  but  they  could  not  give  us  a  firm  date 


when  the  resolution  would  manifest  itself 
in  their  products. 

We  hope  to  also  see  more  public  events 
in  which  vendors  are  not  only  willing  to 
acknowledge  incompatibilities  openly,  but 
also  work  to  resolve  them  in  an  open 
forum.  Perhaps  this  might  lead  to  more 
widespread  dissemination  of  documenta¬ 
tion  that  will  outline  specific  incompatibil¬ 
ities  among  voice-over-IP  equipment  — 
and  the  means  to  solve  them. 

More  agreement  in  the  standards  bodies 
as  to  what  implementations  are  truly  “stan¬ 
dard ’also  needs  to  be  resolved.  Vendors 
that  participated  in  this  lab  made  honest 
efforts  to  comply,  but  w  ithout  one  of  the 
H.323  standards  developers  around  to  pass 
judgment  as  to  whether  code  is  imple¬ 
mented  as  intended,  it  can  easily  become  a 
finger-pointing  game  of  who’s  doing  it 
right  and  who’s  doing  it  wrong. 

As  for  out-of-the-box  interoperability 
based  on  H.323,  that’s  probably  a  long  way 
off.  It’s  likely  some  code  tweaking  will 
always  be  necessary  to  affect  a  smoothly 
running  multivendor  converged  network. 
H.323  is  simply  too  large  and  complex  to 
expect  otherwise.  Newer  versions  of 
H.323  under  consideration  now  reportedly 
better  address  some  of  these  complexity 
issues.  However,  corporate  IT  staffs  will 
need  to  have  a  firm  understanding  of  all 
versions  of  the  H.  323  standard  to  work 
with  these  various  vendors  to  resolve 
these  issues.  And  having  a  good  service 
contract  with  the  vendor  that  offers  on-site 
|  tech  support,  at  least  in  the  initial  deploy- 
|  ment  phase,  is  also  going  to  be  necessary. 
That  said,  look  to  the  other  less-compli¬ 
cated  standards,  such  as  Media  Gateway 
Control  Protocol  and  SIP,  to  take  H.323’s 
place  in  the  long  term.  Our  next  public  inter¬ 
operability  lab,  at  the  June  SuperComm  in  Atlanta, 
will  be  based  on  those  standards.  Once  again,  we 
are  challenging  all  vendors  who  claim  interoper¬ 
ability  privately  to  prove  it  publicly. 

Yocom  is  senior  editor,  Bilger  is  senior  lab-test 
engineer,  Smithers  is  president  and  Hommer  is 
lab  manager  at  Miercom,  a  network  consultancy 
and  product-test  center  in  Princeton  Junction, 
NJ.  They  can  be  reached  at  byocom@mier.com; 
ubilger@mier.com;  rsmithers@mier.com  and 
mhornmer@mier.com. 


Miercom  is  a 
member  of  the 
Network  World 
Global  Test 
Alliance,  a  cooper¬ 
ative  of  the  pre¬ 
mier  reviewers  in 
the  network 
industry,  each 

bringing  to  bear  years  of  practical  experi¬ 
ence  on  every  review.  For  more  Test  Alliance 
information,  including  what  it  takes  to 
become  a  member,  go  to  www.nwfusion. 
com/alliance. 
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MIERCOM  VoIP  TEST  SCENARIOS 


e  asked  vendors  to  demonstrate  interoper¬ 
ability  on  three  levels,  ranging  from  a  basic 
call  completion  between  two  endpoints  to 
gatekeeper-to-gatekeeper  communication 
;  across  domains.  Vendors  selected  the  sce¬ 
nario  that  best  suited  their  equipment.To  partici¬ 
pate  in  our  interoperability  event,  vendors  had  to 
prove  interoperability  with  at  least  two  products 
from  other  vendors. 

In  the  most  basic  level  of  testing,  we  asked  ven¬ 
dors  to  establish  a  phone  call  between  their  product 
(an  IP  phone,  IP  soft  phone  or  IP  PBX)  through  a 
gateway  (such  as  Cisco’s  AS5300  or  Clarent’s  Gate¬ 
way  400)  to  a  terminating  point  on  the  public 
switched  telephone  network  (PSTN).  Communica¬ 
tion  between  the  gateway  and  the  PSTN  was  viaT-1 


trunk,  through  anAdtranTSU-100,  to  an  analog  line 
and  analog  phone  on  the  terminating  end  of  the 
communications  path. 

The  gatekeeper  was  introduced  in  the  second 
level  of  testing.  Optional  in  the  H.323  standard,  the 
gatekeeper  provides  address  translation,  admissions 
control,  bandwidth  control  and  zone  management 
to  a  collection  of  devices  under  its  control.  Products 
tested  in  this  scenario  might  include  gateways,  IP 
phones  or  PCs  supporting  soft  phone  applications. 
In  this  scenario,  calls  were  placed  between  one  end¬ 
point  through  a  gatekeeper  to  another  end  node  — 
a  gateway  (from  the  vendor  originating  the  call  or 
another  vendor),  or  another  endpoint  (IP  phone, 
analog  phone  from  another  vendor). 

The  third  level  of  testing  required  gateway-to- 


Tabie  1:  Interoperable  vendors  registered  with  Cisco  7200  and  3660  gatekeepers 


CALLED  PARTY 


Siemens  Siemens 


Memotec 

CALLING  PARTY  CX950 

Memotec 

CX950 

Oki 

BV1250 

Oki 

VolP-TA 

HearMe 

Voice- 

Server 

V2.5 

optiPoint 

300 

Advance 
IP  Phone 

optiPoint 

300 

Advance 
IP  Phone 

Quintum 

Tenor 

D2400 

CS 

Avaya 
IP  600 

Avaya 

Definity 

9.1 

GW/GK 

Cisco 

AS5300 

Gateway 

Memotec  CX950 

X 

X 

X 

X 

X 

X 

X 

Memotec  CX950 

X 

X 

X 

X 

X 

X 

Oki  BV1250 

X 

X 

X 

X 

X 

X 

X 

X 

X 

Oki  VolP-TA 

X 

X 

X 

X 

X 

X 

X 

HearMe  VoiceServer  V2.5 

X 

Siemens  optiPoint  300 
Advance  IP  Phone 

X 

X 

X 

X 

X 

X 

X 

X 

X 

Siemens  optiPoint  300 
Advance  IP  Phone 

X 

X 

X 

X 

X 

X 

X 

Quintum  Tenor  D2400  CS 

X 

X 

X 

X 

X 

X 

X 

Avaya  IP  600 

X 

X 

X 

X 

X 

Avaya  Definity  9.1 
gateway/gatekeeper 

X 

X 

X 

X 

X 

X 

Cisco  AS5300 

X 

X 

X 

X 

X 

X 

X 

X 

X 

X 

Table  2:  Interoperable  vendors  registered  with  Clarent  gatekeepers 

CALLED  PARTY  Siemens  Siemens 


optiPoint 

300 

Advance 

CALLING  PARTY  IP  Phone 

optiPoint 

300 

Advance 
IP  Phone 

Oki 

B  VI 250 

Oki 

B  VI 250 

HearMe 

Voice- 

Server 

V2.5 

Cisco 

3640 

Gateway 

Cisco 

3640 

Gateway 

Clarent 

Gateway 

100 

Clarent 

Gateway 

100 

Quintum 

Tenor 

D2400 

CS 

Quintum 
Gateway 
A400  CS 

Siemens  optiPoint  300 

Advance  IP  Phone 

X 

X 

X 

X 

X 

X 

X 

X 

X 

Siemens  optiPoint  300 

Advance  IP  Phone  x 

X 

X 

X 

X 

X 

X 

X 

X 

Oki  BV1250  x 

X 

X 

X 

X 

Oki  BV1250  x 

X 

X 

X 

X 

HearMe  VoiceServer  V2.5 

Cisco  3640  Gateway  x 

X 

X 

X 

X 

X 

X 

X 

X 

Cisco  3640  Gateway  x 

X 

X 

X 

X 

X 

X 

X 

X 

Clarent  Gateway  100  x 

X 

X 

X 

X 

X 

X 

X 

X 

X 

Clarent  Gateway  400  x 

X 

X 

X 

X 

X 

X 

X 

X 

X 

Quintum  Tenor  D2400  CS  x 

X 

X 

X 

X 

X 

X 

X 

X 

Quintum  Tenor  A400  CS  x 

X 

X 

X 

X 

X 

X 

X 

X 

Poplypix  2000  Call  Server  x 

X 

X 

X 

X 

X 

X 

X 

X 

X 

and  Web  Client  VI. 1.17** 

"Pclypix  Wubphone  calls  could  only  be  placed,  not  received,  in  the  testbed. 


gateway  communications  across  H.323  zones  (or 
domains).  In  this  test,  one  vendor’s  originating  gate¬ 
way  or  gateway/gatekeeper  combination  product 
placed  a  call  to  another  gateway  and/or  gatekeeper 
(its  own  or  another  vendor’s)  through  a  gatekeeper 
(again,  its  own  gatekeeper  or  one  from  another  ven¬ 
dor).  To  cross  domains,  communication  between 
two  gatekeepers  (from  the  same  vendor,  or  be¬ 
tween  one  vendor  and  another  vendor’s  product) 
was  required. 

In  the  tests,  calls  were  considered  successfully 
placed  if  a  voice  path  was  established  between  both 
parties,  the  voice  call  was  understandable  and  the 
calls  closed  gracefully  so  that  network  resources 
were  fed  quickly  and  available  to  subsequent  callers. 
Miercom  engineers  also  monitored  post  dial  delay.  3 


VoIP  interoperability  network  with 
Cisco  7200  and  3660  gatekeepers 


Cisco  gatekeeper 

Domain  1 


Cisco  gatekeeper 

Domain  2 


To  participate  in  the  ComNet  VoIP  Interoperability  Lab,  a  vendor  had  to  successfully  interoperate  with  at  least  two  other  products.  The  HearMe  VoiceServer 
successfully  demonstrated  interoperability  with  the  Cisco  AS5300  gateway  and  also  Clarent's  100  and  400  Gateways  (see  Table  2).  An  "X"  indicates  that 
the  device  initiating  the  call  was  able  to  successfully  interoperate  with  the  device  receiving  the  call. 


VoIP  interoperability  network  with 
Clarent  gatekeepers  V  1.1 


Clarent  gatekeeper 

Domain  1 


Clarent  gatekeeper 

Domain  2 


HearMe 


Polypix 
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CLARITY 

ACCELERATES 

GREAT  BUSINESS  DECISION  MAKING 


EMA  IS  THE  1st  analyst  fi  rm  to  specialize  exclusively  in  enterprise  management  technologies. 

Our  firm  is  engaged  in  uncovering  the  truths,  trends,  and  challenges  facing  the  IT  community.  EMA's  specialty  practice  is 
not  the  only  thing  that  differentiates  us.  You'll  also  benefit  from: 

EASY  ACCESS  TO  ANALYSTS  |  CUSTOM-TAILORED  SERVICES  |  QUALITATIVE  QUASI-DEDUCTIVE  METHODOLOGIES 

Can  you  afford  NOT  to  have  clarity? 

VISIT  US  AT  www.enterprisemanagement.com/nww  to  download  our  no-cost  reports  on  network  performance  &  security 
and  software  beta  testing  (best  practices). 

2108  55th  Street,  Suite  110,  BouU\  ' 

Phone:  303-5*3 


E  N  T  E  R  P  R I S  E  M  A  N  A  G  E  M  E  N  T 

ASSOCIATES 


Installing  firewalls,  traffic  priori¬ 
tization  tools  and  bandwidth 
governors  typically  involves 
buying  separate  products  and 
configuring  each  via  a  convo¬ 
luted,  product-specific  procedure. 
Having  adequate  expertise  always  on 
hand  to  deal  with  your  network's  dis¬ 
parate  software  tools  entails  lots  of 
cross-training,  and  the  sheer  number 
of  products  makes  technical  support 
a  many-headed  Hydra. 

Lightspeed  Systems  says  it  has  a 
better  approach.  Using  what  it  calls 
IP  Magic  technology,  Lightspeed  has 
created  collections  of  interchange¬ 
able  software  tools  that  manage  traf¬ 
fic  on  networks  that  include  one  or 
more  Windows  NT-based  computers. 
The  company  claims  the  tools  are 
easy  to  install  and  configure.  We  put 
one  of  the  collections, Total  Control 
for  e-Business,  through  its  paces  in 
our  lab  to  test  those  claims. 

The  comprehensive  set  of  network 
tool  components  worked  well,  and 
we  could  arrange  the  components  in 
highly  flexible  ways.  Moreover,  the 
underlying  plug-and-play  parts  tech¬ 
nology'  is  so  compelling,  we  wonder 
why  all  network  software  doesn’t  use 
IP  Magic’s  approach. Total  Control  for 
e  Business  is  especially  appropriate 
for  busy  companies  whose  networks 
need  almost  daily  reconfigurations 
and  installations  of  firewalls,  band¬ 
width  allocators,  traffic  filters  and 
load  balancers. 

It's  a  kind  of  magic 

Between  two  network  adapters  in 
an  NT  4.0  computer,  you  use  Total 
Control  for  e-Business  to  insert  any 
combination  you  desire  of  what  Light¬ 
speed  calls  IP  Magic  objects.These 
objects  include  source  and  destina¬ 
tion  network  address  translation 
(NAT)  tools,  a  firewall,  traffic  filter, 
packet  counter,  SNMP  agent,  load  bal¬ 
ancer,  traffic  prioritizer,  speed  limiter 
and  various  other  functions.  Because 
each  of  the  mix-and-match  inter¬ 
changeable  components  has  the  same 
input  and  output  parameters,  it’s  pos¬ 
sible  to  string  them  together  in  what¬ 
ever  order  you  want.  We  found  choos¬ 
ing  combinations  of  IP  Magic  objects 
an  easy,  intuitive  process.To  build 
each  IP  Magic  network  control  point, 
we  dragged  and  dropped  icons  in 
Lightspeed ’s  visual  design  and  config¬ 
uration  environment.  Saving,  loading 
and  activating  different  IP  Magic  con¬ 
figurations  is  as  painless  as  saving  and 
loading  word  processing  documents. 

Even  though  Total  Control  for 
e-Business’  several  components  are 
easy'  to  select  and  configure;  don’t 
think  that  they’re  not  high-quality, 
serious  software.  For  example,  in  our 
firewall  tests  we  found  Lightspeed’s 
product  immune  to  almost  all  our 


Traffic  management 


A  network  traffic 
control  tower 

Drag-and-drop  interface  makes 
Lightspeed  Total  Control  for  e-Business 
a  breeze  to  use. 


BY  BARRY  NANCE, 

NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

letResults 

Total  Control  for  e-Business  2.6 

RATING:  4.1  COMPANY:  Lightspeed  Systems,  (661)  324-4291,  www.lightspeedsystems.com 
COST:  Starts  at  $7,995  PROS:  Intuitive  user  interface;  useful  collection  of  networking  tools. 
CONS:  Firewall  susceptible  to  rare  TCP  sequence  prediction  errors;  no  index  in  the  manual. 

Traffic 

Security  management  Ease  of  use  Documentation  Installation  Total 
_ 30% _ 30% _ 20% _ 10% _ 10%  score 

Total  Control  44  5  4  3  4.1 

for  e-Business 

Scoring  key:  5:  Exceptional  showing.  Defines  the  standard  of  excellence:  4:  Very  good  showing.  Although  there  may 
be  room  for  improvement,  this  product  was  much  better  than  average;  3:  Average  showing.  Product  was  neither  especially 
good  nor  exceptionally  bad;  2:  Below  average.  Lacked  some  features  or  lower  performance  than  other  products  or  than  was 
expected;  1:  Considerably  subpar,  or  lacking  features  being  reviewed. 


hacking  attempts.  Our  efforts  revealed 
some  vulnerabilities  in  TCP  sequence 
prediction,  but  the  firewall  compo¬ 
nent  successfully  thwarted  SYN 
floods,  data  storms,  port  scans  and  a 
teardrop-style  denial-of-service  attack. 
The  firewall  operated  at  near  wire 
speeds  in  the  performance  tests, 
resolving  all  packets  within  1 2  sec¬ 
onds  of  the  end  of  each  10-minute 
stress  test  (see  “How  we  did  it,”  www. 
nwfusion.com,  DocFinder:  3229).  Fur¬ 
thermore,  IP  Magic’s  installation  pro¬ 
gram  replaces  Microsoft’s  TCP/IP 
stack  with  Lightspeed’s  more  robust 
and  secure  protocol  stack. 

For  configuration  purposes,  each 
component  has  its  own  property' 
sheet,  activated  via  a  right  click.  Rules 
on  the  stateful  firewall's  property' 
sheet  define  security  policies  for  par¬ 
ticular  ty  pes  of  IP  traffic. The  out¬ 
bound  NAT  tool’s  property  sheet  con¬ 
tains  intemal-to-extemal  network  IP 
address  translation  rules  for  TCP  and 
User  Datagram  Protocol  (UDP)  traffic, 
and  it  works  with  static  and  dynamic 


IP  addressing  schemes.  Similarly,  the 
inbound  NAT  tool  has  settings  for  how 
to  swap  each  packet’s  IP  address  and 
port  number  with  values  you  specify. 
The  NAT  tools  also  have  settable  time¬ 
out  intervals  forTCP  and  UDP  packets. 

The  Total  Control  for  e-Business 
collection  of  components  includes  a 
server  load  balancer  and  WAN  load 
balancer.  The  server  load  balancer 
works  somewhat  like  Microsoft 
Windows  Load  Balance  Service.  It 
excelled  at  distributing  transaction 
traffic  across  multiple  Web  servers  in 
our  tests,  and  it  even  detected  and 
thereafter  avoided  servers  that  we 
abruptly  removed  from  the  network. 
By  setting  bandwidth  values  for  each 
gateway  in  the  WAN  load  balancer,  we 
throttled  and  distributed  outbound  IP 
traffic  over  multiple  WAN  links. 

We  also  liked  how  we  could  place  a 
traffic-monitoring  IP  Magic  compo¬ 
nent  wherever  we  wished.  As  we  first 
configured  our  Total  Control  for  e-Busi- 
ness  installations,  we  inserted  these 
packet  counters  liberally  to  see  the 


effects  of  the  filtering  and  load-balanc¬ 
ing  components.  After  verifying  our 
configurations,  we  then  removed  the 
packet  counters  with  a  mouse  click. 

The  installation  was  straightforward. 
Although  it  lacks  an  index,  the  docu¬ 
mentation  was  clear  and  thorough. 

Late  in  the  review,  Lightspeed 
shipped  us  a  Model  1100  hardware 
version  of  IP  Magic  (a  dual-processor 
Model  2100  is  also  available). A  slim, 
rack-mountable  NT  computer  with  no 
monitor,  keyboard  or  mouse,  the 
Model  1100  uses  Microsoft’s  Distrib¬ 
uted  Component  Object  Model 
(DCOM)  interface  to  accept  configu¬ 
rations  built  with  the  IP  Magic  visual 
design  environment.  Any  Windows- 
based  computer  on  the  network  can 
run  the  design  environment  and  thus 
control  the  appliance’s  IP  Magic  con¬ 
figuration.  Downloading  the  visual 
design  environment  to  a  client  com¬ 
puter  is  a  matter  of  connecting  to  the 
Model  1100  appliance  via  its  browser 
interface. The  only  minor  problem  we 
noted  was  an  occasional  DCOM  time¬ 
out  and  subsequent  disconnection  of 
the  visual  design  environment’s 
DCOM  link  to  the  appliance.  How¬ 
ever,  the  IP  Magic  hardware  device 
performed  quickly  and  with  rock- 
solid  reliability  in  our  tests. 

Lightspeed  bundles  varying  num¬ 
bers  of  IP  Magic  objects  in  several  col¬ 
lections  it  sells,  and  the  Total  Control 
for  e-Business  collection  is  one  of  the 
most  complete.  Each  set  of  easily  con¬ 
figured  tools  is  cost-effective  when 
you  contrast  it  with  the  expense  of 
buying,  training  for  and  setting  up 
multifunction  routers  or  special-pur¬ 
pose  network  products.We  recom¬ 
mend  IP  Magic  to  any  network  admin¬ 
istrator  who  longs  to  have  a  set  of 
comprehensive  network  tools  with  a 
single,  cohesive  user  interface. 

Nance,  a  software  developer  and 
consultant  for  29  years,  is  the  author 
of  Introduction  to  Networking,  4th 
Edition  and  Client/Server  LAN  Pro¬ 
gramming.  You  can  contact  him  at 
harry  n  @telocity.  com. 


Nance  is 
also  a  mem¬ 
ber  of  the 
Network 
World  Global 
Test  Alliance, 
a  cooperative 
of  the  premier  reviewers  in  the 
network  industry,  each  bringing 
to  bear  years  of  practical  experi¬ 
ence  on  every  review.  For  more 
Test  Alliance  information, 
including  what  it  takes  to 
become  a  member,  go  to  www. 
n  wfusion.  com/alliance. 
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Management,  Business  Justification 


Front  and  center 


BY  KIM  MCGRATH 


ublic  speaking.  Just  the  thought  of  it 
can  make  the  toughest  man  crum¬ 
ble.  But  for  many  IT  professionals, 
speeches  and  presentations  are  an  unavoid¬ 
able  part  of  the  job.  How  can  you  survive 
and  even  thrive  making  a  presentation? 


1.  Know  your  material 

Knowledge  of  the  subject  matter  is  cru¬ 
cial,  says  Timothy  Hoyle,  project  manager 
for  Novell  Consulting.  Talking  about  topics 
you’re  well-versed  in  ensures  your  presenta¬ 
tion  will  be  well-received,  he  says. 

In  his  former  position,  Hoyle  did  exten¬ 
sive  presales  work  and  frequently  spoke 
about  Novell’s  ZENworks  for  Desktops.  He 
recalls  a  strong  presentation  before  400 
people  at  BrainShare  Europe  in  Nice, 
France,  and  cites  his  familiarity  with  the 
topic  as  the  key  to  his  success. 


S/x  steps  to  making  a  successful 
presentation  about  any  topic. 


Despite  her  former  career  as  an  actress, 
Rochelle  Wyatt  of  the  Seattle  Public  Library 
used  to  get  stage  fright  when  she  had  to 
make  a  presentation. 


2.  Know  your  audience 

Robert  Lee,  network  project  leader  for 
the  University  ofWisconsin  in  Madison,  rec¬ 
ommends  tailoring  content  so  it’s  appropri¬ 
ate  for  your  audience. 

Lee  emphasizes  different  aspects  of  an  IT 
project  depending  on  who  he’s  talking  to 
—  vendors,  network  engineers  or  upper 
management.  For  example,  when  he’s 
speaking  to  executives  who  are  concerned 
about  funding,  he’ll  break  down  project 
costs  and  carefully  outline  the  return  on 
investment.  I _ 

Before  developing  a  presentation, 

Rochelle  Wyatt,  manager  of  IT  systems  support  for  the 
Seattle  Public  Library,  first  determines  what  her  audi¬ 
ence  wants  and  needs.  If  Wyatt  is  addressing  the 
library’s  directors,  she’ll  explain  why  data  lines  are 
needed  and  how  the  organization  can  benefit  from 
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SPEECH 

WRITING 

Online  tutorial:  The  Virtual  Presentation  Assistant. 
Secrets  of  success:  Toastmasters'  tips  on  public  speaking. 


voice  over  IP  However,  she  will  save  the  more  intricate 
H323-1 1  standards  discussion  for  her  IT  staff. 

3.  Be  prepared 

Robert  Bly,  president  of  the  Center  for  Technical 
Communication  in  Dumont,  N.J.,  recommends  one 
hour  of  preparation  for  every  minute  of  the  speech, 
which  means  a  1 5-minute  speech  might  require  two 
days  of  work. 

Lee  advises  keeping  presentations  to  a  maximum  of 
30  minutes.  If  you  are  forced  to  go  longer,  take  a  break 
so  audience  members  can  stretch  and  refocus. 

4.  Overcome  stage  fright 

For  many  people,  overcoming  stage  fright  is  the  hard¬ 
est  part  of  public  speaking.  Wyatt  once  had  a  terrible 
time  presenting,  which  is  ironic  considering  her  former 
position  as  a  professional  actress. 

“Getting  up  in  front  of  an  audience  with  a  script,  pre¬ 
tending  I  was  someone  else,  was  never  a  problem,” 
Wyatt  says.  But  with  no  script,  she  was  reduced  to  stut¬ 


tering  and  turning  red. 

Eager  to  do  something  about  her  lack  of 
confidence,  Wyatt  joined  Toastmasters. 
“Toastmasters  is  a  safe  environment  to  get 
over  the  fear  of  public  speaking  and  to  learn 
presentation  skills,”  she  says. 

Practicing  your  speech  will  help  assuage 
stage  fright  —  Lee  suggests  practicing  in  the 
area  that  your  presentation  will  take  place,  if 
possible. 

5.  Be  engaging 

Capturing  the  audience’s  attention  is 
another  essential  element  of  making  a  suc¬ 
cessful  presentation.  Lee  emphasizes  that  it’s 
crucial  to  maintain  eye  contact. 

Novell  Consulting’s  Hoyle  agrees.  As  a 
project  manager,  Hoyle  frequently  addresses 
audiences  ranging  from  IT  staffers  to  senior 
executives,  speaking  to  anywhere  from  five 
to  1,400  people.  But  regardless  of  the  size  of 
his  audience,  he  only  speaks  to  one  person 
at  a  time. “I  never  speak  to  the  entire  audi¬ 
ence,”  Hoyle  says.  “I  would  not  be  able  to  get 
my  subject  across  to  them.” 

Bly  often  begins  his  talks  by  drawing  a 
small  circle  on  a  blackboard  indicating  his 
brain  size.  He  then  draws  a  much  larger  cir¬ 
cle,  indicating  the  combined  brain  size  of 
his  audience.  He  encourages  people  to 
share  their  questions,  answers  and  experi¬ 
ences  during  his  presentations. 

“I  am  not  a  guru  or  a  rainmaker.  Often 
times,  an  audience  member  will  have  a  bet- 
I  ter  answer  to  a  question  than  1  will,”  Bly  says. 

6.  Use  visual  aids 

There’s  no  question  that  visual  aids  enhance  a  pre¬ 
sentation.  But  Hoyle,  who  prepares  slides  on  Power¬ 
Point,  warns  that  too  many  people  rely  on  slideware  to 
do  their  presentations  for  them. “I  want  the  presenter 
to  speak  to  me,  not  read  to  me,”  he  says. 

Lee  adds  that  while  embedded  graphics  and  colorful 
graphs  can  strengthen  a  discussion,  blinking  text  can  be 
distracting.  He  thinks  keeping  it  simple  and  clean  is  a 
better  approach. 

Bly  suggests  doing  something  out  of  the  ordinary. 
Recalling  a  talk  in  which  he  used  toy  phones  and  role- 
played  with  the  audience,  he  says,  “The  phones  were 
unsophisticated  but  they  got  the  audience’s  attention.” 

“Know  your  subject,  be  energetic,  have  fun  and 
know  why  you  are  doing  the  presentation  in  the  first 
place,”  Hoyle  says. 

Now  the  once  stuttering  anti  embarrassed  Wyatt 
says, “Public  speaking  is  actually  tun.” 

McGrath  is  a  freelance  writer  in  Weymouth,  Mass. 
She  can  be  tvached  at  kim0807@aol.com 
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It  appeared  out  of  nowhere,  changing  everything.  How 
could  something  so  small  create  anything  so  amazing? 


That  day  of  wonder  is  here  again.  Avocent  taps  the 
power  of  the  Web  with  DS1800-the  first  digital 
‘KVM  over  IP’  solution.  Connect  users  to  servers 
through  the  DS1800  anytime,  anywhere.  No  matter 
how  large  you  grow  or  where  you  need  to  be.  All  with 
a  simplicity  of  design  to  rival  Mother  Nature.  Real-time 
access  from  anywhere  is  within  your  reach.  Touch  it. 


Explore  our  ‘KVM  over  IP’  solution 
at  www.avocent.com 


Avocent 


EtherneTV 


Television  On  Your  Network! 


EtherneTV™  is  a  cost  effective  package  that  connects  any 
video  source  (i.e.  Camera,  VCR,  DVD,  etc.)  to  your  network  and 
streams  television  quality  video  to  an  unlimited  number  of  PCs  in 
your  building. 

We  offer  the  lowest  price  per  seat  in  the  industry  with  high  quality-full 
motion  MPEG  video. 

EtherneTV™  can  be  used  to: 

•  Stream  important  news  to  your  employee’s  desktop 

•  Educate  or  train  students  or  employee’s  remotely 

•  Enhance  your  security  systems  with  high  quality  surveillance 

•  Monitor  critical  processes  on  your  factory  floor 


Duiiamgvi^iuii 

Across 

y°ur  Network 


ine. 


12  Beaumont  Road 
Wallingford, Connecticut  06492  USA 

Tel:  (203)  303-0255  Fax:  (203)  265-6750 


Visit  Our  Web  Site  Today  At  www.vbrick.com  To  Locate  A  VBrick  Reseller  In  Your  Area! 


OBSERVER’ 


W-  • 


High  Performance  LAN/WAN  Troubleshooting 
&  Protocol  Analysis  Software  Solutions 


Observer — Removes  the  Mystery  of  What  is 
Being  Sent  or  Received  by  LAN  Stations 

Observer  identifies  network  trouble  spots  and  costs 
thousands  less  than  expensive  hardware-based 
analyzers.  If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert  Observer  or 
Observer  Suite. 

•  Full  packet  capture  and  decode  for  over 
1000  protocols,  including  TCP/IP  (v4  and  v6), 
NetBIOS/NetBEUI,  IPX/SPX,  Appletalk, 

SNA  and  DECnet 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
packet  capture  from  any  port(s) 

•  Long-term  network  trending  collects  statistical 
data  for  days,  weeks,  months,  even  years 

•  Optimized  ErrorTrack  NDIS  drivers  display 
true  errors-by-stations 

•  Real-Time  Statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics, 

Efficiency  History 


.  r,  » > 


EXPERT  OBSERVER® 
OBSERVER®  SUITE 
$1895 


•  Additional  probes  are  $295  per  local  or  remote 
segment/site/switch 

•  Ethernet  (10/100/1000),  Token  Ring,  FDDI 

Expert  Observer — Identifies  Problems  and 
Provides  Expert  Information  in  Plain  English 

Expert  Observer  includes  all  of  the  features  of 
Observer  plus  real-time  and  post-capture  expert 
event  identification,  expert  analysis,  VoIP  expert 
and  modeling  of  network  traffic  data. 

Observer  Suite — The  Ultimate  Tool  For  The 
Most  Demanding  Power  User 

Observer  Suite  provides  a  fuli  complement  of  tools 
that  includes  all  of  the  features  of  Expert  Observer 
plus  SNMP  management,  RM0N  console/Probe 
and  Web  reporting.  Includes  one  remote  Probe. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.networkinstruments.com 

US  &  Canada  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1322  303045  •  Fax  +44  (0)  1322  303056 


Network  World  March  5,  2001  www  nwfusion.com  51 


Be  a  part  of  Network  World's  N+l  Planning  Guide 

Issue:  April  30  ♦  Ad  Close:  March  26 


How  do  you  reboot  16 

equipment  units... 


If  your  company  is  planning  to  exhibit  at  NetWorld+Interop  in  Las  Vegas,  then 
Network  World’s  Planning  Guide  is  a  must! 

Get  extra  exposure  in  this  pre-show/planning  guide  issue  and  pave  the  way  for 
increased  traffic  at  your  booth.  Plus,  receive  bonus  coverage  on  an  outsert 
under  the  belly  band  of  the  N+l  May  7  “Show"  issue. 


fj>  Sentry  power  tower 


Your  Zero  U  Reboot  Solution 


16  remotely  addressable  power  outlets  — 
The  highest  density  available  of  any 
Remote  Power  Management  vertical  strip. 
30-amp  power  input  feed  distributed 
across  16  outlets. 

Mounts  vertically  In  your  equipment  tack  or 
cabinet  and  requires  Zero  U  of  rack  space. 
Load  Sense  provides  real-time  current 
monitoring  in  the  remote  screen  interface 
and  through  a  built-in  LED  display  for  on¬ 
site  measurement 

Power-up  sequencing  of  all  16  outlets 
prevents  an  ln-rush  current  overload. 
Telnet  SNMP.  Modem  or  RS-232  interfaces  for  easy, 
practical  and  secure  power  management  of  remote 
internetworking  equipment 


Install  the 


Sentry 


NOC 


your  data 


center. 


or 


and  gain  the 


advantage 


of 


enclosed 


;  Try  the  New  Sentry  Pt 
!  rack  or  cabinet  and  n 
"  of  Intelligent  Power 


Remote 


or  call  800*35.1515  or  775.aRq.aww 


Lease  Authorized  Reseller  Sell  Repair 
New  Refurbished  Used 

,  Norte 

1800  553  0592  3Con 
gwTOUrf'  www.wdpi.com  p™= 

Email:  cisco5@wdpi.com  Imljiml 


Nortel 

3Com 


Call  your  sales  rep  for  details  or  email  us  at  directresponse@nww.com. 
TEL:  800-622-1108  ext.  6507  or  FAX:  508-460-1192 


The  problem  is, 
your  timing's  off. 

Bad  timing  can  throw  a  wrench  into 
the  workings  of  any  company. 

In  today's  global  e-business  marketplace,  time  is  money. 

Accurate,  synchronized  time  for  all  your  network  components 
is  essential  for  integrity  and  security.  The  answer?  TymServe™ 
the  proven,  system-independent  solution  for  accurate  global 
time  synchronization.  Without  it,  you're  simply  out  of  time. 

■  Plug  and  play.  Rack-mountable  units  install  while  your 
server  is  up  and  running  -  unlike  others. 

■  Redundant  time  sources.  Use  GPS  (Global  Positioning  System), 
IRIG  (Inter-Range  Instrumentation  Group)  time  code,  CDMA, 

or  ACTS  dial-up  for  time  sources. 

■  Low  cost.  Improved  synchronization  and  unsurpassed 
reliability  leave  you  free  to  focus  on  other  issues. 

■  Secure  source.  NTP  (Network  Time  Protocol)  traffic 
stays  inside  the  firewall  -  unlike  other  time  solutions. 

>  www.datum.com/tsnwl  >800  782-9682 

©  Datum 

i-Buslnett  Solutions 
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Stay  on  top  of  IT  with  Rose  KVM  Switches! 

KVM  is  the  industry  acronym  for  Keyboard-Video-Mouse.  KVM  switches  save  money  and  space  in  your 


server  room  or  on  your  desktop.  Rose  is  a  pioneer  and  leading  manufacturer  of  KVM  products. 


TM 


UltraView  Pro 

1  user  up  to  256  computers 


Vista™ 

1  user  to  2,  4,  or  8  computers 


►  Multi-platform  for  PC,  Sun,  RS6000,HP,  DEC,  SGI 

►  Advanced  on-screen  display  technology 

►  Simple  bus  cabling  makes  expansion  a  breeze 

►  Switch  computers  from  your  keyboard  or  on-screen 
display 

►  Status  screen  shows  system  conditions  at  a  glance 

►  Security  features  prevent  unauthorized  access 

►  Flash  memory  for  free  lifetime  firmware  upgrade 

►  Programmable  view,  share,  control, 
and  private  modes 


ELECTRONICS 


►  Available  in  three  different  chassis  sizes; 

either  PC  or  multi-platform  (PC,  Unix,  Sun,  Apple) 

►  Advanced  on-screen  display  technology 

►  Simple  to  use,  keystrokes  switch  computers 

►  Flash  memory  for  free  lifetime  upgrade  of  firmware. 

►  Supports  up  to  1600  x  1280  resolution 

►  Full  emulation  of  keyboard  and  mouse  functions 

►  Security  features  prevent  unauthorized  access 

►  Simplified  cable  management 

USA 

10707  Stancliff  Road  Houston,  Texas  77099 
Phone  281  -933-7673  Fax  281-933-0044 

EUROPE 

Bourne  Works,  High  Street  Collingbourne  Ducis 
Marlborough,  Wiltshire,  SN8  3EH  United  Kingdom 
Phone:  +44  1 26  485  0574  Fax:  +44  1 26  485  0529 


►  Low  cost  and  easy  to  use 

►  Switch  computers  from  front  panel  or  keyboard 

►  Supports  PC  or  PC/Apple 

►  Supports  up  to  1600  x  1280  resolution 

►  Plug  and  play 

►  Supports  Microsoft  intellimouse 

►  Tested  with  Windows  95/98,  NT,  Linux,  and 
others 


Get  Your  Rose 
Catalog  Today 


WWW.ROSEL.COM 

800.333.9343 


Upgrade 

your  Career 


Degrees  in  Telecom  and  e-Commerce 

•  Prepare  for  positions  in  network  design,  network  engineering, 
and  telecom  management  with  bachelor's  and  master's  degrees  in 
telecommunications  management. 

•  Apply  your  skills  to  careers  in  web  design,  e-commerce  applications 
development,  product  and  project  management  or  e-commerce 
business  strategy  with  an  MS  or  MBA  in  E-Commerce. 

•  Locations  throughout  Northern  California  as  well  as  online. 


•  Flexible  schedules  allow  you  to  complete  your  degree  while  you  work. 
Golden  Gate  University  is  fully  accredited  by  the  Western  Association  of  Schools  and  Colleges. 


Control  from  two  computers 
to  hundreds  of  servers,  NTI 
has  the  innovative  KVM 
solution  for  you. 

■  Users  individually  command 
or  simultaneously  share  up 
to  512  computers. 


Seeking  Solutions  ...NTI  Has  The  Answers! 

MULTI-USER 
SERVER 
CONTROL 
IS  EASY! 


“I  Wm  flexible  control 

without  spending 
a  fortune!” 


■  Available  with  2,  4,  or  8  user 
ports. 

■  Dedicated  internal 
microprocessors  that 
emulate  the  keyboard  and 
mouse  presence  to  each 
attached  computer  so  all 
computers  boot  error-free 
100%  of  the  time. 


ST-4x16-U  ■  Crisp  and  clear  1900x1200 

UNIVERSAL  resolution 
MATRIX  SWITCH  ‘  Sff£op  models  for  2  or  4 


BUY  ONLINE  at  www.ntil.com/sn 


m.  ja  * 

jmKjBpL _ 

Jfc  Ki.  0L 

kt  'KM  a  .  M 


Email:  sales@nti1.com 


1275  Do.-T.iii  Drive  •  Aurora,  OH  44202 
33C  562-7W0  «  FAX:  330-562-1999 


LOW  COST  KVM  SOLtSTSONS 
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##0  premiere  designer  and  manufacturer 
''of  Modular  ergonomic  computer  support 
furniture,  enclosures  &  cabinets. 

Racking  Systems  •  Enclosures  •  19"  Rackmount  • 
Relay  Racks;*  Personal  Workstations  •  KVM 


2-61  Borden  Ave.  L.I.C,  NY  11101 

WWw,  He  rao.com 


mi  in  _ 


ornca 


SERVER 


SERIES 
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RMOINIS  PROBE 


Complete,  industry  standard,  software-based  RMON2  and 
RMON1  Probe  for  Windows  95/98/NT/2000 


I Network  Instruments  RMON  Probe  HH  E3 


IN 

ETWORK** 

1  £ile  Options  Help 

ilN 

IbedI^ikbh 

si mm 

OBSERVER* 

EXTENSIONS 

"  /  T 


Interfaces  1 


|  P/s  (  B/n  util  jopu" 


PCI  Fa st  Ethernet  DEC  21143  t 


•  Low  cost,  complete  RMON  monitoring  for  remote  sites  or 
segments. 

•  Software-only,  non-dedicated  data  collection. 

•  Pure,  full  RMON  1  and  2  support.  Complete  implementation  of 
both  RMON  1  and  2  for  Ethernet  (10/100)  and  Token  Ring  (4/16). 

Full  adherence  to  RFCs  1513,  1757,  2021  and  2074. 

•  Runs  as  a  service  on  Windows  NT  or  Windows  2000. 

•  Works  with  ANY  RMON  management  console  or  collection  facility 
(Observer  OpenView  ",  Concord  \  NetScout  ®  etc.). 

•  Compatible  with  Network  Instruments'  optimized  ErrorTrack ™  NDIS 
drivers  display  true  errors-by-station. 

•  Multiple  concurrent  network  interface  monitoring  (up  to  10). 

Why  pay  thousands  more  for  the  same  data? 

Call  800-526-7919  for  information,  or  see  our  web  site  at: 

www.net^orkinstruments.com 

©  2001  Network  Instruments,  LLC  -  Corporate  Headquarters  (952)  932-9899  FAX  (952)  932-9545 
UK  and  Europe  +44  (0)  1959  569880  FAX  +44  (0)  1959  569881  info@networkinstruments.com  www.networkinstruments.com 
Network  Instruments  and  the  "N”  logo  are  registered  trademarks  of  Network  Instruments,  LLC  Minneapolis,  MN  USA 


Manageitallfrom 

IpF  any  number  of  consoles  '  tP^  ^ 
locally,  or  on  your  network 
administrators’  desks,  or  even  from 
••  1^ a  remote  office  over  the  Internet.  _ 

r 

!*all  for  free  evaluation  of  Key-View  and  XP4000,  ; 
and  join  other  Fortune  500  companies  currently 
implementing  the  most  advanced  distributed 
network  management  solutions.  It  will 

make  you  shine!  ^^3  0  0  .6  3  fi  .3 

j  uj  in.  fl  a  c  kit  Tech  no  fogy,  co 


ling  for  Products  and  Se 


Visit  Network  World  Fusion’s 


www.nwfusion.com/linksmart 


in 

rna  r 

Products  as  Solutions 


Tel:  408.727.1122 
Fax:  408.727.8002 

343  1  DE  LA  CRUZ  BLVD. 
WWW.RECURRENT.COM 


technologies,  inc. 
SANTA  CLARA,  CA  95D54 
INFQ@RECURRENT.CaM 


N0RTEL  NETWORKS 

Unbeatable  Prices  —  In  Stock.  Call:  800-243-5267 


•  - 


►  Good  As  New  Gear— -at  better  than  new  prices 

►  Same  as  New  Warranties. 

Bay  Networks  (Nortel)  350T-HD  $650.00 
24  port  10/100  Auto  Switch  (AL201 2EI0) 

Refurbished,  Limited  Quantity 

National  LAN  Exchange 

www.nle.com  . 

fdF  1270  S.  1380  W.  #600  •  Orem,  UT  84058 
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New  Jersey  Inst,  of  Tech. 

(800)  624-9850 
cpe.njit.edu 

Distance  Learning:  A+,  Cisco,  ASP, 
HTML,  Dreamweaver,  Java,  Win2000 


Cable  University 

(800)  537-8254 
vvw.CableU.net 

FREE  online  training  in  network 
cabling  installation  &  maintenance 


NetworkTraining.com 

(800)  NET-SKIL 
(800)  638-7545 

Network  .Analysis  &  Tool  Training 
Certified  NetAnalyst  Testing 


To  Place  Your 
Listing  Here 
Call  Enku  Gubaie 
at  1-800-622-1108 


Contact  these  companies  today  to  help  you  with  your  training  needs! 


Enku  Gubaie 

800-622-1108  ext.  6465 
Internet:  egubaie@nww.com 
FAX:  508-628-3976  _ 


For  more  information  on  advertising  in 
Network  World’s  Marketplace  contact: 


!  CISCO 

New  &  Used  ■ 

Fully  Guaranteed  Se hab,a E,Panoi  ■■■■■ 

800.451.3407 

SO  Castilian  Drive,  Suite  110,  Santa  Barbara,  CA  93117 

Routers 
Switches 
Interface  Modules 
Access  Servers 
Accessories 

www.networkhardware.com 

BUY  ONLINE 


NETWORK  HARDWARE  RESALE 


Also,  Sell  Us  Your 
Unwanted  Networking 
Equipment! 

e-mail: 

yiurchasing@bizint.com 


All  Routers  and 
Switches  make 
Connections... 

BUY  BIZI’s  Quality 
Pre-Owned  Equipment 
&  Connect  for  a  lot  less! 


&  connect  tor  a  lot  less!  \ ,  -  f  ibm 

•  50*80%  Savings  off  Retail  List  Prices  *•  httpr//iwwW?ffizint.COm 

>  1 20-Day  Warranty  call  us  in  the  USA  at: 

•  100%  30  Day-Money  Back  Guarantee  (800)  406-3537  ext.  9375 
* Large  Inventory  of  Newer  &  Older  Products  or  (315)  458-9606  pq 

>  In-House  Knowledgeable  Technical  Support  fax:  (31 5)  458-9493 

•  Supplying  New  &  Quality  Pre-Owned  Your  global  partners  m  new « 

Networking  Products  for  over  10  years  fDI7l  ‘,uali,',use(l"e,working  euu'Pment 

•  Same  Day  Shipping  I  OIL!  info@bizint.com 


800-783-8979  gm 

Fax  916-781-6962  J 

We  Carry  ALL  Manufacturers 


r Specializing  In: 
3-Com 
Nortel 

Bay  Networks 
Cabletron 

CISCO 

Ascend 

Fibermux 

Livingston 

Micom 

Motorola 

Synoptics 

Data/Voice 

Network 

Solutions 


LAN/WAN 
BUY/SELL 
NEW/USED 
RENT/LEASE 
Fully  Warranted 

Switches 

Hubs 

Bridges 

Routers 

Multiplexers 

T-1  Equipt 

DSU/CSU 

Modems 

Alternative 

Data 

Communication 
Sources,  Inc. 
916-781-6952 


BUY/SELL 
USED  CISCO 


Why  buy  new  when  you  can  save 
hundreds  of  dollars  by  buying  used? 

Cisco  Systems 


CCNA/CCNP 
Training  Kits 


We  want  to  buy  your 
excess  Cisco  inventory! 


WWW.NETFIX.COM 
(210)  352-9804 

E-Mail:  sales@netfix.com 


BUY  Sc  SELL 

3Com 


*Corebuilder  *Netbuilder 
*  Superstack  II  &  III 


*Accessbuilder 


17.  S.  Bank 


Call  US 


Systems 


Tel:  323-936-3622 


Fax:  323-931-6691 


sales@usbanksystems.com 


Save  big  on  new/used:  Routers  ►  Switches 

►  T1/T3  DSU/CSU  ►  ATM  ^  ISDN  >  Frame  Relay  ►  XDSL 

►  Fast/GIGABIT/ENET  BUY/SELL/RENT  PARTNER 

_  _ PREMItR  CERTIFIED 


V  CISCO 

>-  Lucent 


NBTFAST  , 

^ _ ^  ►  Adfran 

www.  netfastusa.  com 


>  Alcatel 
>-  Larscom 


•  Alteon 


►  Unisphere  Networks  ►  Nortel  Networks 
>-  Juniper  Networks  >.  Foundry  Networks 

►  Extreme  Networks 
>-  Riverstone  Networks 


Quick  Eagle  Networks 


Netfast  Communications  Inc.,  56-29  56,h  Drive,  Maspeth,  NY  1 1378  USA 
Phone:  1-888-892-4726  or  718-894-7500  Fax:718-894-1573 

_  _  Network  World  -  1 2/2GOC 


Specialist  in  all  CISCO  Products 
Including  Memory  LAN/WAN  Products 

WE  CARRY  ALL  MANUFACTURERS 

Livingston  *  Ascend  •  US  Robotics  •  Micom  •  HP  •  3Com 
Adtran  •  Motorola  •  Codex  •  ADC 

WE  BUY  AND  SELL  ~  NEW,  USED,  LEASE,  RENT 

•  Routers,  VLANs  •  Access  Servers 

•  DSU/CSU’s  •  Hubs,  Modems 

•  Switches,  ATM  •  Voice  Over  IP 

888.801.2001 

phone  916.630.2001 
fax  916.630.2000 
Visit  our  Website  at: 
http://www.millenniumsolutions.net 


free  3Com  Palm  vi 


WE  BUY  USED 
Paimv  NETWORKING 


HIGHEST 
PRICES 
PAID! 


Bay  Networks 


caaerRon 

jYsrems 


Tfm  CarrgwM  httoatttnq  SetW 

Visit  www.4lanwan.com  to  enter  to  win  ^ 


WE  SELL  NEW  &  REFURBISHED 


GIGANTIC  DISCOUNTS  /  LONGEST  WARRANTIES! 

We  maintain  a  huge  inventory  of  parts  &  systems 
We  specialize  in  Legacy  &  hard  to  find  items 

Call,  E-mail  or  Fax  Your  Equipment  List. 


/  ^ 

£4  LANWAN.com 

*  A  niuicinn  r 


Celebrating 
Our  1 7th  Year 


*  A  Division  of  Ergonomic  Enterprises,  Inc. 

47  Werman  Court,  Plainview,  NY  11803 

CALL  TOLL  FREE:  877-4-LAN-WAN 

FAX:  516-293-5325  /  EMAIL:  SALES@4LANWAN.COM 
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(ft  careers.com 


Programmer/Analyst.  Designs  & 
dvlps  complex  data  processing 
systems  S  apps,  e-commerce 
based  internet  &  intranet  systems 
using  latest  web  dvlpt.  technology 
BSc  in  Comp.  Sci  or  related  field 
&  2  yrs  exp.  Software  Inf  1, 1135 
Chellenhcim  Ave,  #4.  Melrose 
Park.  PA  19027  Ref  SJ. 

Software  Engr-Dsgn,dvlp  &  implmt 
s/ware  systems  in  ADABAS, 
Natural  2.2  JCL,  TSO,  COBOL, 
DB/2  and  ISPF  using  IBM  main¬ 
frames.  Provide  tech  support  for 
production  problems  in  these 
environment.  Reqs  2  yrs  experi¬ 
ence  in  job  with  a  MS  in  engg  or 
5  years  in  job  with  a  BS  in  engg 
or  equivalent.  $72K/yr.EOE. 
Resumes  to  Shiva  Systems  635 
Anderson  Cir.,  #109.  Deerfield 
Bch.FL  33441 


You  can 
find  a 
better 

JOB 

with  one 
hand  tied 
behind 
your  back. 


Just  point  your 
mouse  to  the 
world’s  best 
IT  careers  site. 

Brought  to 
you  by 

Computerworld, 
Info  World  and 
Network  World. 

Find  out  more. 

Call  your 
ITcareers  Sales 
Representative 
or  Janis  Crowley, 
1-800-762-2977 


Where  the  best 
get  better 


(D  careers  IT  CAREERS 


Software  developer  in  Win32 
application  development  sought 
by  electronic  parcel  delivery 
company  in  Newton,  MA.  Must 
have  B.S.  in  Comp  Sci,  Math, 
Engg,  Physics  or  technology  and 
3  yrs  experience  in  any  software 
development  occupation.  Respond 
by  resume  to:  Holli  Salz,  HR  Mgr 
ATA  Bok,  Inc.,  29  Crafts  St., 
Suite  300,  Newton,  MA  02458. 

Systems  Analysts  wanted  by 
Computer  Consulting  Co  in 
Woodbridge,  NJ.  Must  have 
Bach  in  Comp  Sci/Comp 
Engg/Math/Physics  or  Comp 
Info  Systems  &  1  yr  s/ware 
related  exp.  Respond  to:  HR 
Dept,  U  &  X  Group,  Inc.,  1000 
Route  9  North,  Ste  203, 
Woodbridge,  NJ  07095. 

Systems  Analyst:  Coding,  testing 
and  debugging  of  programs  and 
development  of  various  programs 
for  Cyborg  HRIS  application 
utilizing  English  language. 
Cobol,  SQL,  Unix  Scripting  and 
DB2.  BS  in  Comp  Sci  (or  equiv) 
&  2  yrs.  exp.  Send  resume:  HR 
Dept.,  Fiserv  CIR.  Inc.,  145 
Pinelawn  Rd.,  Melville,  NY 
11747. 


Software  Engineer 

w/exp 

in  Oracle, 

Sybase, 

SQL  Server 

Unix  & 

Windows  NT. 

Apply  to 

:  Select  Appt. 

North 

America  60 

Flarvard 

Mills  Square, 

Wakefield,  MA  01880 

Software  Engineers  (multiple 
positions)  sought  by  New 
Jersey  based  Comp  S/ware 
Consultancy  Firm.  Must 
have  a  Bach  or  equiv  in 
Comp  Sci  or  Engg  &  1  yr 
s/ware  exp.  Respond  to:  HR 
Dept,  Sysfour  Solutions, 
LLC,  3530  Route  27,  Suite 
203,  Kendall  Park,  NJ 
08824. 


Computer  Systems  Analyst, 
Jersey  City.  Resp  inch  Suprvs 
creat'n/maintnc  of  accts  btwn 
offices,  rev  of  rprts/logs;  prfrm 
repr/clean/delete  accts/liaison 
w/int'l  afflits/mntr  reqs  for  biz 
processes/suprvs  cnsldtn  of  ofcs 
&  migratn  of  existg  e-mail:  estab 
remote  e-mail/  WAN  e-mail 
conctvty-dmstc/int'l;  MS  Engnr/ 
C.Sci/MCSE  Cert/CNE  Cert/2 
yrs  exp/Refs  Req'd  M-F.  Send 
res  Block  Drug  Co.,  Inc.,  257 
Cornelison  Avenue,  Jersey  City, 
NJ  07302  Attn:  K.  Sweeney,  HR. 


Programmer/Analysts,  Washing¬ 
ton,  DC.  Design,  develop,  enhance, 
implement  &  debug  client/server 
applications  &  websites  using 
C++,  Oracle,  and  Java  technolo¬ 
gies.  Reqd.  B.S.or  equiv.  in  C.S 
or  rel.  field  &  2  yrs  exp.  M-F, 
40hrs/wk.  Send  resume  to  S. 
Arsenyev,  Alazar,  LLC,  Ref. 
#101,  1815  Pennsylvania  Ave., 
Ste  1101,  Washington,  DC 
20006. 


Senior  Software  Developer: 
Lead  software  design  group  and 
develop  device  drivers,  operating 
systems  components,  network 
control  stacks.  M.S.  Computer 
Science,  Electrical  Engineering, 
Applied  Mathematics  or  related 
+  3  years  exp.  req.  in  UNIX 
and/or  LINUX,  Netware  and/or 
Windows  NT,  w/programming 
expertise  in  C++  and  object- 
oriented  design  &  Internet 
protocol  in  combinations  of 
TCP/IP,  TCP/  UDP,  HTTP,  WAP 
etc.  May  use  JAVA,  Realmedia, 
Media  Player,  and/or  Quicktime 
or  Voice  Response  interfacing. 
Send  resume  only  to:  ATTN:  Neil 
Diller,  EDGIX  CORP,  130  W. 
42nd  St.  Ste.  850,  NY,  NY 
10036. 


Senior  Software  Engrs  (2 
openings)  sought  by  legal 
publishing  co.  in  NYC  to  oversee 
research,  analysis,  design, 
development,  testing,  program¬ 
ming  and  documentation  of 
computer  software  in  client-server 
and  internet  environment. 
OOAD,  COM,  DCOM  technolo¬ 
gies;  GUI  and  Visual  C++, 
prototyping;  ADO,  Windows  SDK 
and  ODBC.  Resumes  to  HR 
Dept,  CCH  Legal  Information 
Services,  111  8th  Ave,  NY,  NY 
10011. 


Sr.  Programmer  wanted  by 
Financial  Services  Co  in  White 
Plains,  NY.  Dvlp  code  in  Java  & 
VB  for  system  applies.  Analyze 
user  reqmts  &  existing  s/ware 
systms.  Configure  &  modify 
systems  &  servers  for  optimal 
performance.  Must  have  Bach  in 
Comp  or  Electronic  Engg,  or 
closely  related  field  &  2  yrs  exp 
in  job  offd.  Respond  to  HR  Dept, 
ProAct  Technologies  Corp,  120 
Bloomingdale  Rd,  White  Plains, 
NY  10605.  Code#46856. 


Software  Engineer  -  Data 
integration  (Job  No.  DIN-10221) 
Must  have  an  M.S.  degree  in  CS 
or  ME  or  related  and  6  mos. 
experience  or  1  course  in:  mech. 
design;  2D,  3D  geometry  and 
animation  in  a  major  ME  related 
commercial  software;  math 
modeling;  num.  analysis  related; 
C++,  C;  Assembly  language; 
MS  Visual  C++,  Unix  C  shell. 
40.0  hr/wk.  9:00-5:00 
Contact  (with  job  No.): 

HR  Department,  Alventive  Inc., 
700  Galleria  Parkway,  Suite  400, 
Atlanta  GA  30339 
ssarkisian  @  alventive.com 


Software  Engineer  needed  for 
electronics  co  in  Princeton,  NJ  to 
design  &  devel  advanced 
distributed  call  control  &  internet 
session  control  software;  40 
hrs/wk;  Master's  deg  in  Comp 
Sci,  Math,  or  Engrg  &  1  yr  exp  in 
job  or  1  yr  exp  as  Research  Asst. 
Contact:  HR  Dept,  MECA,  3C-6, 
One  Panasonic  Way,  Secaucus, 
NJ  07094. 


The  Boston  Group,  a  global 
provider  of  software  and  internet 
based  e'commerce  solutions,  is 
seeking  motivated  IT  profes¬ 
sionals  specializing  in: 

Network  Infrastructure/Engi¬ 
neering;  Software  Design  & 
Development;  and  Web  Centric 
Design  &  Development 

Visit  our  website: 
www.bostongrouousa.com 

e-mail  your  resume  to  recruiter 
@  bostonarouDusa.com 
fax  your  resume  to  (508)  393- 
9794 

The  Boston  Group 
21  Southwest  Cutoff 
Northborough,  MA  01532 

THE 


BOSTON n 


IT  Project  Manager,  Orlando,  FL. 
Manage  multiple  projects  : 
application  development,  main¬ 
tenance,  installation  &  conver¬ 
sion  w/  emphasis  on  system 
integration;  investigations  of 
business  procedures,  system 
analysis  to  plan  strategies; 
perform  consulting  audits  of 
existing  data  processing 
systems  to  evaluate  effectiveness; 
apply  methodologies  &  standards 
through  a  hands-on  software 
development  approach  tailored 
to  a  client's  requirements;  design 
&  implement  data  warehouse 
technologies;  supervise  person¬ 
nel,  coordinate  resources,  report 
progress,  monitor  &  document 
projects.  Requires:  MS  in  Infor¬ 
mation  Mgmt  Systems  &  5  yrs 
exp.  Comp  Salary.  Send  resume 
to  Mr.  Pereira, Comp.  Mgmt  USA, 
13501  Ingenuity  Dr,  Suite  100, 
Orlando,  FL  32826. 


Network  Control  Operator 
wanted  by  a  Telemarketing 
co.  in  Fairfield,  New  Jersey. 
Must  have  a  min.  of  2  years 
exp.  with  wide  area 
telecommunications  network. 
Please  fax  resume  to  All  Pro 
Telemarketing  Corp.,  Att: 
Mark  (973)  244-1105. 


Hardware  Architects,  System 
Designers,  Software  Engineers, 
Programmer  Analysts,  Network 
Administrators,  Systems  Analysts 
needed  by  NJ  based  IT  firm  - 
Ranch  Networks.  Will  need 
bachelors  plus  1  -year  experience 
for  junior  level  positions,  and 
Masters  plus  2  years  or  Bachelors 
plus  5  years  of  experience  for 
senior  level  positions.  Please 
apply  with  2  copies  of  your 
resume  to  H.R.  Department, 
Ranch  Networks,  Inc.,  Suite  200, 
65  Highway  34,  Morganville,  NJ 
07751. 


♦ 


Software  Engineer:  Analysis, 
design,  development  and  testing 
of  Object  Oriented  Applications 
using  Cincom's  VisualWorks  and 
SmallTalk.  Development  of  various 
SmallTalk  tools  that  can  be  used 
on  the  test  channel  and  devel¬ 
opment  of  GUIs  for  these  tools. 
Generate  various  reports  including 
capacity,  Memory,  Restart,  and 
test  Specifications  for  creating 
and  updating  application  char¬ 
acteristic  documents.  Reviewing 
design  documents  such  as 
Application  Information,  Function 
Specifications  and  Function 
Frameworks.  Master's  in  Comp 
Sci.  or  Comp  Engg.  &  1  yr.  exp. 
in  job  offered  or  1  yr.  as 
SmallTalk  Programmer.  Send 
resume:  HR  Dept.,  Precision 
Systems  Design,  485  Morris  Av„ 
Suite  200,  Springfield,  NJ 
07081 . 


SENIOR  SOFTWARE 
ENGINEER.  Specializing  in 
security,  managing  a  group  of  6 
administrators.  Use  all  flavors  of 
UNIX  like  HPSun-Solaris,  Aix, 
DEC,  and  UNIX  security  tools 
like  powerbrokers,  ESM.  Tasks 
include  administration  of  UNIX 
security  and  evaluation  of  UNIX 
security  tools.  Master's  degree  in 
Computer  Science,  Engineering 
or  Math-related  and  2  years 
experience  in  job  or  programmer 
analyst  and/or  systems  analyst 
required.  Must  be  able  to  travel 
and  work  at  client  site  for  many 
months  at  a  time.  In  the  2  years' 
job  experience,  must  include  2 
years'  experience  in  C, 
ORACLE,  INFORMIX,  UNIX 
ADMINISTRATION  WITH 
POWERBROKERS  &  ESM. 
$66, 920/year. 

Submit  resume  to  Muraii  K. 
Suddala,  President,  Capricorn 
Systems,  Inc.,  3569  Habersham 
at  Northlake,  Building  K,  Tucker, 
GA  30084 


DATABASE  ADMINISTRATOR 
to  provide  on-site  consulting  in 
systems  and  database  adminis¬ 
tration  in  a  client/server  archi¬ 
tecture  using  HP-Servers,  COR- 
BA,  PowerBuilder  and  Gupta 
SQL;  system  analysis  and 
design  of  customized  products  in 
HP-UX  multi-platform  environ¬ 
ment  under  Solaris  and  Intel 
clustered  servers.  Require: 
B.S.  in  Computer  Science  or 
Mechanical  Engineering  with 
two  years  experience.  25%  paid 
travel  required  to  client  sites 
within  the  U.S.  Salary:  $70,000 
per  year,  9am  to  5:30  pm,  M-F, 
Job  Locations  in  Old  Bridge,  NJ. 
Must  have  proof  of  legal  authority 
to  work  in  the  U.S.  Apply  by 
resume  to:  President,  Compucom 
Global  Solutions,  Inc.,  105  White 
Oak  Lane,  Suite  101,  Old 
Bridge,  NJ  08857. 


IT  Project  L  eader,  Orlando,  FL. 
Conduct  studies  &  investigations 
pertaining  to  the  design,  devel¬ 
opment  &  implementation 
projects  of  new  &  existing 
information  systems  to  meet 
current  &  projected  business 
needs;  convert  existing  systems 
with  emphasis  on  integration; 
analyze  business  procedures 
&  processes;  perform  audits  of 
existing  data  processing  sys¬ 
tems  to  evaluate  effectiveness, 
provide  the  technical  lead  for  the 
team  during  the  process  of  new 
systems  development  in  either 
Oracle  Developer  &  Designer, 
Java  J2EE  or  EJB;  supervise  the 
execution  of  methodologies  & 
standards.  Requires:  BS  in 
Comp  Sci  &  3  yrs  Oracle  or  Java 
exp.  Comp  Salary.  Send  resume 
to  Mr.  Pereira,  Computer  Mgmt 
USA,  13501  Ingenuity  Dr,  Ste 
100,  Orlando,  FL  32826 


Software  Engineers,  Programmer 
Analysts,  Database  Analysts, 
Network  Administrators,  Systems 
Analysts  needed  by  NJ  based  IT 
firm.  Will  need  bachelors  plus  1 
year  of  exp.  for  junior  level 
positions,  and  Masters  plus  2yrs 
or  Bachelors  plus  5yrs  of  exp.  for 
senior  level  positions.  Please 
apply  with  2  copies  of  your 
resume  to  H  R.  Department,  Vision 
Consulting  Group,  Court  Towers, 
39  Hudson  Street,  3rd  Floor, 
Hackensack,  New  Jersey  07601 . 


Programmer  Analysts, 


w/exp  in  Visual  Basic, 


Oracle  and  SQL  Server. 


Apply  to:  SRM  Systems  & 


Software,  400  West 


Cumming  Park,  Suite  2950, 


Woburn,  MA  01801. 


Programmer  II  (Atlanta,  GA) 
Research,  design  and  develop 
software  utilizing  C++  and 
Javascript.  Devise  methods  for 
mathematical  calculation  of 
engineering  data  for  software 
development.  Analyze  software 
requirement  documentation  to 
prepare  additions  and  changes 
to  software.  Prepare  investiga¬ 
tion  and  defect  resolution  reports 
to  document  subprograms. 
Must  have  Bachelors  degree,  or 
foreign  degree  equivalent,  with 
major  or  concentration  in 
Computer  Science,  Mathematics, 
Engineering  or  related  scientific 
field.  Must  have  one  year  of 
college  level  mathematics  and 
one  year  experience  in  scientific 
or  engineering  application 
development.  Must  be  able  to 
program  in  C++  and  Javascript. 
Must  have  legal  authority  to 
work  in  the  U.S.  Send  resume 
to:  T.  Crowe  (Ref:PII)  Spectra 
Precision  Software,  5901 
Peachtree-Dunwoody  Road, 
NE,  Suite  A-300,  Atlanta.  GA 
30328 


Systems  Analyst.  $62K/yr.  8a-5p; 
40  hrs/wk.  Analyze  dsgn,  dvlp, 
test,  modify  &  maintain  comp 
s/ware  systms  &  applies  using 
Sybase  V.4.2,  Sybase  S  10 
RDBMS,  PowerBuilder  V  4.0,  C, 
SQL,  Watcom  SQL,  Powerscript, 
COBOL,  Pascal,  Fortran,  MS- 
Works  &  MS-ODBC.  Masters  or 
equiv  deg  w/major  field  of  study 
in  Comp  Sci  or  Engg  or  Technol¬ 
ogy.  Exp:  None.  Must  document 
educational  qualifs  &/or  work 
exp  showing  skills  to  perform  job 
duties.  In  lieu  of  Masters  degree, 
candidate  can  have  a  Bach  deg 
&  2  yrs  work  exp  in  job  offd 
using  Sybase  S  10  RDBMS, 
PowerBuilder  V  4.0,  C.  SQL, 
Watcom  SQL,  Powerscript, 
COBOL.  Job  opportunity  loc  in 
Lawrenceville,  GA.  Please  send 
resume  or  apply  in  person  at: 
Gwinnett  Job  Order  #GA 
6956278,  1535  Atkinson  Road, 
Lawrenceville,  GA  30043-5601 
or  the  nearest  Dept,  of  Labor 
Field  Services  Office. 


Software  Engineer  wanted  for 
software  design,  develop., 
support,  definition  &  reqts.; 
develop  diagnostic  software  & 
verify  new  hardware  developed 
for  state-of-the-art  MPLS  based 
tele/data  communication  access 
devices;  program  in  C  under 
Linux  OS;  maintain  existing 
diagnostic  code;  resolve  related 
bugs  &  issues;  write  code  for 
implementation  of  design; 
validate  products  &  processes; 
design  object-oriented  applica¬ 
tions  following  development 
methodology  on  all  software 
development  &  support  activities; 
assist  tech,  documentation  in 
generating  user  documentation 
&  testing  programs  for  quality 
assurance.  Must  have  Bach, 
deg.  in  Comp.  Sci.,  Elec.  Eng.  or 
related  field,  &  2  yrs.  software 
develop,  exper.  in  C  language, 
incl.  exper.  with  Unix  /  Linux, 
Real  Time  programming  & 
microprocessors.  40/hr/wk. 
Salary  $72,441/yr.  Send  2 
resumes  to  Case#  20010017, 
Labor  Exchange  Office,  19 
Staniford  St.,  st  FI.,  Boston,  MA 
02114. 


Software  Developer:  Create  new 
or  improve  existing  proprietary 
software  in  Internet  content 
delivery  working  in  conjunction 
with  external  clients  and  internal 
test  groups  to  define  needs  and 
priorities,  using  a  working  knowl¬ 
edge  of  UNIX  and/or  LINUX,  NT 
or  Netware  Operating  environ¬ 
ments  with  programming  expertise 
in  C/C++  and  object-oriented 
design  and  MPEG  with  protocols 
(TCP/IP  or  related)  interfacing. 
Plan,  develop,  test  and  document 
computer  software  programs  for 
high  speed  delivery  of  Internet 
content  using  satellite  routing 
and  point  of  presence  (POP) 
servers  with  client  Internet 
Service  Providers,  particularly 
for  frequency  demand  and 
loading  protocols.  Master  of 
Science,  Computer  Science, 
Electrical  Engineering  or  related, 
plus  1  year  or  more  experience 
Send  resume  to  Edgix,  Attn: 
Tracey  #88,  Suite  850, 130  West 
42nd  St.,  NY,  NY  10036. 


j  Data  Protection  Analyst 

]  Three  positions  available.  Assist 
j  the  development,  implementation 
j  and  maintenance  of  a  data  pro¬ 
tection  system  for  separate  data 
assets  using  Checkpoint  Firewall, 
Safeword  Authentication  server, 
SATAN,  Tripwire,  UNIX  systems 
administration.  Perm,  Shell,  and 
TCP/IP.  Develop  RACF  rules  and 
daia  protection  policies.  Perform 
data  owner  interviews/consulta¬ 
tion.  Assist  in  receiving  issues 
related  to  security  exposures. 
Report  P&P  violations  and 
implement  audit  procedures. 
Provide  programming  mainte¬ 
nance  support  for  data  protection 
functions.  Requirements:  Master's 
(6  years  of  college)  or  foreign 
degree  equivalent  in  Computer 
Science,  Math,  Engineering  or 
related  field  plus  1  year  of  expe¬ 
rience  in  offered  position  or  in 
systems  administration,  OR 
Bachelor's  (4  years  of  college)  or 
foreign  degree  equivalent  in 
Computer  Science,  Math,  Engi¬ 
neering  or  related  field  plus  8 
years  of  experience  in  offered 
position  or  in  systems  adminis¬ 
tration.  Stated  experience  must 
have  included  1  year  with  UNIX 
systems  administration  and 
network  protocols,  including 
TCP/IP.  Salary  range:  $46,160- 
100,056/yr,  40  hours/week, 
Mon-Fri.,  8  a.m.to  5  p.m.  Position 
located  in  Memphis,  TN. 

Submit  resumes  to: 
Department  of  Labor, 

Job  Service  Program 
500  James  Robertson  Parkway, 
11th  Floor 

Nashville,  TN  37215-1200 


Sr  Database  Administrator. 
Maintain  multiple  ADABAS  and 
ORACLE  databases  (DB),  install 
&  maintain  DB  mgmt  s/w  & 
related  products,  incl  ADABAS, 
NATURAL,  PREDICT,  ENTIRE- 
NET-WORK.  ENTIRE-ACCESS, 
NATURAL  SECURITY  & 
ORACLE  RDBMS;  design, 
implement,  &  maintain  DBs  & 
DB  dictionaries;  monitor  DBs  for 
validity,  organization,  protection, 
security,  &  performance;  install  & 
configure  new  versions;  proac¬ 
tively  monitor  &  maintain  perfor¬ 
mance;  maintain  data  &  program 
security;  &  provide  guidance  & 
assistance  for  less  exp  personnel 
in  DB  app  development,  testing, 
&  maintenance.  Req:  B.S., 
Comp.  Sci.  or  equiv.;  &  5  yrs  exp 
as  Database  System  Eng, 
Consultant,  or  sim,  3  of  which 
shd  be  w/  each:  SAG  products 
(incl  ADABAS,  NATURAL), 
ORACLE,  UNIX,  CICS,  NATUR¬ 
AL  SECURITY,  PREDICT,  DOS/ 
VSE  ESA,  and  ENTIRE.  Exp. 
may  be  gained  concurrently. 
$64,690/yr.  40  hrs/wk.  All 

resumes  must  incl  Soc  Sec#. 
Apply  to  your  nearest  Job 
Service  office  or  send  resume  to 
Job  Service,  1316-C  N.  Broad 
Street,  Edenton,  NC  27932. 
Refer  to  J.O.  #  NC  3203299, 
DOT  Code  039.162-010.  If  not  a 
U.S.  Citizen  specify  current  visa 
status. 


Accurate  Softwares  Int,  Inc.,  a  NJ 
IT  Co.  is  looking  to  fill  up  the 
following  positions  at  their  work 
sites: 

Programmer  Analyst/Software 
Engineer  -  Bachelors  degree  in 
engineering  (any),  math,  science 
and  two  years  of  experience  in 
the  job  (or)  five  years  of  experi¬ 
ence  in  the  job.  Will  accept 
Bachelors  degree  +  five  years 
experience  in  the  field.  Prefer  the 
experience  in  the  following  skill 
sets,  Cobol,  AS/400,  HTML, 
ORACLE,  Developer  2000,  Visual 
Basic,  CICS,  UNIX,  C++.  JAVA, 
RDBMS. 

Programmer  Analyst:  two  years 
experience  required  and  experi¬ 
ence  in  skill  sets  mentioned 
above. 

Software  Engineer  -  Masters 
degree.  Analyze,  design,  develop 
application  systems  in  conjunction 
with  hardware  using  skill  combi¬ 
nations  in  same  skills  above 
mentioned. 

j  Send  resumes  to  Accurate 
j  Softwares  International,  Inc, 
sHuman  Resources,  100 
I  Hampshire  Drive,  Piainsboro.  NJ 

06536. 
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PeopieSaft  has  opportunities  for  technical  and 
marketing  professionals  in  California  (Pleasanton, 
Santa  Clara,  San  Mateo,  Encino  and  other  loca¬ 
tions),  Bethesda,  Md.,  Waltham,  Mass.,  Teaneck, 
N.J..  Atlanta,  Ga.,  and  across  the  U.S.  for: 

Software;  Engineers  and  Consultants 

Systems/Programmer  Analysts 

Technical  Writers  and  Curriculum  Specialists 

Marneting  Analysts,  Program  Managers  and 
Direct  Marketing  Managers 

For  consideration,  please  send  your  resume  to 

PeopieSoft,  Inc.,  Attn:  Human  Resources 
Manager,  2377  Gold  Meadow  Way,  Suite  110, 
Gold  River,  CA  95670,  fax:  916-631-1515. 

We  support  workforce  diversity. 


CUSTOMERS  •  EMPLOYEES  •  SUPPLIERS 


pFOPIT  Peo|Jle 


power  the  internet" 


Systems  Engineer  (2  positions)- 
Analyze  data  processing 
requirements  to  plan  data 
processing  system  that  will 
provide  system  capabilities 
required  for  projected  work 
loads.  Plans  layout  and  installation 
of  new  system  or  modification  of 
existing  system.  Requires  Master 
in  Computer  Science,  Engineering 
or  Mathematics.  Must  have  2 
years  experience  in  the  job 
ottered  or  2  years  experience  in 
Systems  Administration,  Pro¬ 
grammer  Analyst  or  Software 
Engineer.  5  day,  40  hr/wk, 
$66,100/yr.  Please  mail  resumes 
to  Colorado  Department  of 
Labor  and  Employment  Programs, 
ATTN:  Jim  Shimada,  Two  Park 
Central  Suite  400, 1515  Arapahoe 
Street,  Denver,  CO  80202-2217 
and  refer  to  order  number 
JL1 117195. 


Software  Developers  (multiple 
position)  wanted  by  Co  involved 
in  electronic  distribution  of  finan¬ 
cial  research  in  New  York,  NY. 
Must  have  BS  in  Applied  Math, 
Comp  Sci,  Info  Sys  or  Electrical/ 
Electronic  Engg  &  2  yrs  exp 
dsgng  &  implementing  comp 
s/ware  for  information  distribution 
services  over  intranets  &  internet. 
Respond  to:  Mr.  Feinberg, 
Multex.Com,  Inc.,  445  Bush 
Street,  San  Francisco,  CA 
94108. 


SOFTWARE  ENGINEER: 

Research,  design,  and  develop¬ 
ment  of  computer  software 
systems,  in  conjunction  with 
hardware  product  development, 
applying  principles  and  tech¬ 
niques  of  computer  science, 
engineering  and  mathematical 
analysis;  analyses  of  software 
requirements  to  determine 
feasibility  of  design  within  time 
and  cost  constraints;  consults 
with  hardware  engineers  and 
other  engineering  staff  to  evalu¬ 
ate  interface  between  hardware 
and  software,  and  operational 
and  performance  requirements 
of  overall  system;  formulates  and 
designs  software  system,  using 
scientific  analysis  and  mathe¬ 
matical  models  to  predict  and 
measure  outcome  and  conse¬ 
quences  of  design;  develops 
and  directs  software  system  test¬ 
ing  procedures,  programming, 
and  documentation;  consults 
with  customers  concerning 
maintenance  of  software 
system;  coordinates  installation 
of  software  system.  Requires 
Bachelor  Degree  in  Computer 
Science.  Engineering  ora  reialed 
field.  Work  40  hours  per  week, 
M-F,  8-5.  Position  available  in 
Columbus.  Ohio.  Send  resumes 
to:  Gail  A.  Wesline,  SAIC,  301 
Laboratory  Road,  Oak  Ridge,  TN 
37831. 


Senior  Applications  Developer. 
Provide  dvlpmt  of  interactive 
components  &  web  site  applies 
tor  ail  of  Co’s  web  sites;  specifying 
functionality,  creating  prototypes 
&  d/base  integration.  Review 
source  code  to  assure  quality  & 
precision.  Provide  thorough 
testing  of  applies.  Maintain  applic 
dvlpmt  standards  across  all  web 
sites.  Provide  project  mgmt  for 
dvlpng  web  site  applies.  BS  deg 
in  comp  sci,  mgmt  info  science 
or  related  field  plus  3  yrs  exp  in 
job  offd  or  as  web  applies  dvlpr; 
d/base  analyst  or  similar  job 
duties  under  different  job  title.  3 
yrs  exp  in  applies  dvlpmt  using 
Sapphire  &  ORACLE  d/base 
tools  on  UNIX  &  Win  operating 
systms;  theoretical  or  practical 
knowledge  of  web  site  architec¬ 
ture,  d/base  structure,  server 
s/ware,  Java,  Perl,  &  JavaScript. 
One  year  experience  with 
Sapphire  Application  Server.  40 
hrs/wk,  $55K/yr.  Must  have  proof 
of  legal  authority  to  work  in  US. 
Send  your  resume  to  Iowa 
Workforce  Center,  925  E.  Fourth 
St„  Waterloo,  Iowa  50703-3925. 
Please  refer  to  Job  Order 
IA1101179.  Employer  paid 
advertisement. 


Programmer  Analyst  (2  positions) 
-  Plans,  develops,  tests  and 
documents  computer  programs, 
applying  knowledge  of  program¬ 
ming  techniques  and  computer 
systems.  Will  code,  maintain  and 
modify  programs.  Will  perform 
routine  tasks  and  will  work  under 
close  supervision  while  assisting 
staff.  Work  is  closely  monitored 
and  reviewed  for  accuracy.  Must 
have  2  years  experience  in  the 
job  offered  or  2  years  experience 
as  a  Systems  Analyst,  Software 
Engineer  or  Systems  Engineer. 
5  day.  40  hr/wk,  $55,995/yr. 
Please  mail  resumes  to  Colorado 
Department  of  Labor  and 
Employment,  Employment  Pro¬ 
grams,  ATTN:  Jim  Shimada,  Two 
Park  Central,  Suite  400,  1515 
Arapahoe  Street,  Denver,  CO 
80202-2117  and  refer  to  order 
number  JL1 11 7205. 


Information  Systems  Analyst 
(Acctg  &  Fin)  Assess  acctg  & 
finance  info,  requirements  for 
preparation  of  finan.  &  acctg 
statements  &  revenue  projec¬ 
tions.  Design  &  implement 
optimal  comp.  sys.  Serve  as  in 
house  exp  Req:  MBA  or  Masters 
Deg  in  Comp  Sci.  w/ course  work 
in  Acctg,  Finance.  40  hr/wk. 
Please  send  resume  to  People 
Tech  Corporation,  Inc.  2261 
market  St.  #300  San  Francisco, 
CA  94114-1600 


PROGRAMMER/ANALYST 
DATABASE  ANALYST 

Offshore  Digital  Services  seeking  candidates  with  commercial  experience 
in  the  areas  listed  below  - 

•  programmer/analysts  and  application  programmers  with  2-7  years  com 
mercial  experience.  Candidate  should  have  a  BS  (or  foreign  equivalent)  in 
Computer  Science  or  a  related  field 

•  database  analysts  and  developers  with  minimum  3  years  commercial  ex¬ 
perience.  Candidate  should  have  an  MS  (or  foreign  equivalent)  in  Comput¬ 
er  Science  or  a  related  field 

Full  time  permanent  positions  are  available  in  the  San  Francisco  Bay  area, 
and  nationwide. 

Operating  System  -  Unix,  MS  Windows,  NT/95,  OS/2  RDBMS  -  Sybase, 
Oracle,  MS  SQL'Server,  Informix  Front-end  tools  -  Visual  Basic,  Power¬ 
Builder,  Developer  2000,  Designer  2000  Applications  -  ERP,  Inventory, 
Purchasing,  Distribution  Internet  ProgrammingTools  -  Web  Servers,  ASP 
Java  Languages  -  C,  C++, Perl 

Offshore  Digital  Services  provides  competitive  salaries,  benefits,  and  a 
bonus  program  designed  to  encourage  long-term  employment  and  in¬ 
creased  customer  revenue.  Interested?  Send  a  detailed  resume  with  post 
applied  tor.  education  background,  project  experience,  and  geographic  pref¬ 
erences  to: 


The  Personal  Manager  Offshore  Digital  Services,  Inc. 
14798  Wicks  Boulevard  San  Leandro,  CA  94577  | 
Fax:  510-483-1819  Email:  personnet@odsi.com  j 


OFFSHORE 


Software  Engineer:  Design, 
develop,  test  and  implement 
system  Software  using  C++/C 
under  UNIX  operating  and  em¬ 
bedded  software  involving  tele¬ 
phony  voice  call  processing, 
TCP/IP  networking  software.  FAX 
T.30  protocol,  and  device  drivers. 
Job  to  be  performed  at  Richardson , 
TX  and  various  unanticipated 
client  sites  throughout  the  U.S. 
Req.  Masters  degree  in  either 
Math,  or  Engg.  or  Sci.  or  Comp.  Sci 
and  1  yr.,  exp.  in  the  job  offered  or 
1  yr.  in  the  related  occupation  as 
Programmer  Analyst.  Will  accept 
a  Bachelors  degree  and  five  (5) 
yrs.  of  progressive  experience  in 
the  relevant  field  in  lieu  of  a 
Master’s  Degree.  Salary:  $68,000. 
Hrs.  40  hr.  wk.  Mon/Fri.  8:00AM  to 
5:00PM.  Apply  at  the  Texas 
Workforce  Commission,  Dallas, 
Texas  or  send  resume  to  the  Texas 
Workforce  Commission,  1117 
Trinity,  Room  424T,  Austin,  Texas 
78701 ,  J.O.  #TX1 1 01 966,  Ad  paid 
by  An  Equal  Opportunity 
Employer. 


Senior  Software  Engineer: 
Interviews  conducted  in  Dallas, 
TX.  Interact  with  users;  design 
&  develop  software  application 
systems  in  IBM  mainframe  and 
UNIX  environments  using  C, 
COBOL,  C!CS,  DB2,  &  ISPF, 
JCL  &  VSAM  Supervise/Lead 
1-5  engineers-programmers. 
Travel  to  &  stay  at  client  sites  for 
extended  periods.  Reqs.  Bache¬ 
lor's  in  Comp.  Sci.  or  Physics  or 
Math  plus  5  yrs  exp.  in  job 
offered  or  as  Sr.  Programmer/ 
Analyst,  OR  Master's  in  Comp. 
Sci.  or  Physics  or  Math  plus  1  yr. 
exp.  40  hrs/wk.  $68,000/yr.  Apply 
at  Texas  Workforce  Commission, 
Dallas,  Texas,  or  send  resume  to 
Texas  Workforce  Commission, 
1117 Trinity,  Room  424T,  Austin, 
Texas  78701 ,  J.O.#  TX1 1 01 974. 
"Ad  paid  by  equal  opportunity 
employer”. 


Software  Engineers  (multiple 
positions)  sought  by  Illinois-based 
Comp  S/ware  Consultancy  Firm. 
Must  have  Bach  or  equiv  in 
Comp  Sci  or  Engg  &  1  yr  s/ware 
exp.  Respond  to:  HR  Dept., 
Pegasus  Knowledge  Solutions, 
Inc.,  1111  Plaza  Drive,  Suite 
310,  Schaumburg,  IL  60173. 


Computer  Programmer  Analyst: 
Design, Develop  &  implement 
Oracle  Applications  using 
Oracle, SQL, PL/SQL,Forms  & 
Reports.  Req:  Masters  Degree  in 
Computer  Science  or  Business 
Admin  or  Bachelor's  Degree  with 
5yrs  exp  40hrs/wk.  Send  resume 
to:  Infotas  Solutions  Inc,  P.O.Box 
4271  .Culver  City.CA  90231 . 


Windows  Software  Engineer. 
Duties:  Responsible  for  creating 
client,  DJ  and  radio  station  tools 
interfacing  to  a  high-traffic,  global 
tuning  system  for  Internet  radio 
broadcasting.  Duties  include 
researching,  designing  and 
developing  computer  software 
systems,  in  conjunction  with 
hardware  product  development. 
Apply  principles  and  techniques 
ot  computer  science,  engineering 
and  mathematical  analysis  to 
consult  with  hardware  engineers 
and  other  engineering  staff  to 
evaluate  interface  between 
hardware  and  software,  and 
operational  and  performance 
requirements  of  overall  system. 
Responsible  for  developing  and 
directing  software  system  testing 
procedures  and  programming, 
and  documenting,  coordinating 
and  consulting  with  partner 
stations  and  OEM's  concerning 
maintenance  and  installation  of 
software  system.  Duties  involve 
knowledge  and  application  of  C, 
C++,  Visual  C++/MFC  (Microsoft 
Foundation  Classes)  and 
Windows  NT.  Requires:  M.S.  or 
foreign  equivalent  in  Computer 
Science  or  related  field  and  3  yr. 
exp.  in  job  offered  or  3  yr.  exp.  as 
a  Software  Engineer.  Exp.  which 
may  have  been  obtained 
concurrently  must  inch  3  yr.  exp 
in  C,  Visual  C++/MFC  (Microsoft 
Foundation  Classes)  and  Win¬ 
dows  NT.  In  lieu  of  Master’s 
Degree  or  foreign  equivalent  will 
accept  a  Bachelor's  Degree  or 
foreign  equivalent  plus  five  years 
of  progressive  experience.  EOE. 
40hrs/wk.  send  resume  (no 
calls)  to  Tim  Freeman,  Chief 
Financial  Officer,  IM  Networks, 
Inc.  241  Polaris  Avenue,  Mountain 
View,  California  94043. 


Software  Engineer:  Design, 
development  and  testing  of 
client/server  system  using 
relation  like  Borland  C,  Visual 
C++,  MFC,  Windows  NT  for 
Telecom  applications.  Job  to  be 
performed  at  Richardson,  TX 
and  various  unanticipated  client 
sites  throughout  the  U.S.  Req. 
Masters  degree  in  either  Math, 
or  Engg.  or  Sci.  or  Comp.  Sci  and 
1  yr.,  exp.  in  the  job  offered  or  1 
yr.  in  the  related  occupation  as 
Programmer  Analyst.  Salary: 
$65,000.  Hrs.  40  hr.  wk.  Mon/Fri. 
8:00AM  to  5:00PM.  Apply  at  the 
Texas  Workforce  Commission, 
Dallas,  Texas  or  send  resume  to 
the  Texas  Workforce  Commission, 
1 117  Trinity,  Room  424T,  Austin, 
Texas  78701.  J.O.#TX1 101965. 
Ad  paid  by  An  Equal  Opportunity 
Employer. 


Technical  Director:  Atlantis 
Infotech,  Inc.  a  leading  provider 
of  IT  services  and  solutions  in 
Sacramento,  CA  is  seeking 
candidate  to  head  its  technical 
department  who  will  guide  IT 
project  managers  executing  IT 
projects  independently  and  will 
be  responsible  for  projects  over¬ 
all  management.  Must  have 
Master’s  degree  in  Computer 
Science,  and  field  of  Engineering 
or  any  field  of  Mathematics  or  its 
foreign  equivalent  with  three  (3) 
years  experience  in  software 
development  or  job  ottered  or  a 
Bachelors  degree  in  Computer 
Science,  any  field  of  Engineering 
or  any  field  of  Mathematics  or  its 
foreign  equivalent  with  five  (5) 
years  experience  in  software 
development  or  job  offered. 
Send  resume  to  H.R.  Dept., 
Atlantis  Infotech,  Inc,  6060 
Sunrise  Vista  Dr,  suite  #1350, 
Citrus  Height,  CA  95610. 


The  World  Of 
Work  Is  Changing 
Every  Week. 


Luckily,  We  Are  Too! 

For  the  most  up  to  date 
opportunities  and  coverage, 
stay  tuned  in  with  us. 

ITcareers 

where  the  best  get  better 

1-800-762-2977 
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fl)  careers  IT  CAREERS 


You  can 
find  a 
better 

JOB 

with  one 
hand  tied 
behind 
your  back. 


Just  point  your 
mouse  to  the 
world’s  best 
IT  careers  site. 

Brought  to 
you  by 

Computerworld, 
Info  World  and 
Network  World. 

Find  out  more. 

Call  your 
ITcareers  Sales 
Representative 
or  Janis  Crowley, 
1-800-762-2977 


Where  the  best 
get  better 


Information  Technology  Specialist. 
Dvips  prgmg  code  utilizing  langs 
&  tools  outlined  in  program 
specs  to  carry  out  reqmts  accdg 
to  existing  stds.  Dvips  reports, 
templates,  prgmg  code,  spread¬ 
sheets,  &  other  work  product,  by 
interpreting  prgm  specs,  utilizing 
appropriate  tools,  performing 
testing  &  prep  documentation. 
Tests  prgms  &  reviews  results  to 
detect  &  correct  errors  prior  to 
submitting  test  results  for  review 
&  approval.  Implmts  prgms. 
Performs  systms  analysis  & 
dsgn  on  complex  systms.  BS  in 
Comp  Sci,  Engg  or  related  field 
+  1  yr  exp  in  job  offered  or  in 
related  occupation  such  as 
Comp  Prgmr.  Exp  to  incl 
COBOL,  CICS  &  REXX  prgmg, 
VSAM,  OS/JCL.  40  hrs/wk. 
$33,862.40/yr.  Must  have  proof 
of  legal  auth  to  work  in  US.  Send 
your  resume  to  Iowa  Workforce 
Center,  215  Watson  Powell  Jr. 
Way,  Des  Moines,  IA  50309- 
1727.  Please  ref  to  JO 
IA#1 1011 95.  Employer  paid  ad. 


Talent  is 
the  fuel  of 
the  new 
economy. 

Fill  up 
with 

ITcareers. 
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ITcareers  and 
ITcareers.com 
can  put  vour 
message  in  front 
of  2/3  of  all  US 
IT  professionals. 
If  you  want  to 
make  hires, 
make  your  way 
into  our  pages. 
Call  Janis 
Crowley  at 
1-800-762-2977 


ITcareers 

where  the  best 
get  better 


For  High  Tech  Jobs  go  to  www.dice.com 

&  iice.com 

High  tech  jobs  online 


NASDAQ:  EWBX  0  AN  EARTHWEB  SERVICE 


CyberTech  Systems,  provides  IT  strategy  consulting,  systems 
integration  and  software  development  to  clients  nationwide.  We 
have  immediate,  full-time  opportunities  for  both  entry-level  and 
experienced  professional  in  any  of  the  following  areas: 

SAP  R/3 

♦  Functional  (Financials,  Logistics,  HR) 

♦  Technical  (BASIS,  ABAP,  ALE/EDI) 

NETWORKING 

♦  Systems  Engineers  (MCSE) 

♦  LAN/WAN  Specialist  (CISCO) 

APPLICATION  DEVELOPMENT 

♦  Microsoft  Certified  Solution  Developer  (Visual  Basic,  Visual  C++) 

♦  Database  Administrators  (Oracle,  SQL  Server) 

♦  Web  Based  Development  (Java  or  JavaScript,  CORBA,  Microsoft 

ASP,  ActiveX,  COM/DCOM) 

Job  opportunities  are  also  available  for  Sale  Managers,  Marketing 
Managers,  Business  Managers,  Human  Resources  Managers, 
Controllers  and  Technical  Recruiters.  Bachelor's  or  Master’s  degree 
required,  depending  on  position.  We  also  accept  the  foreign 
educational  equivalent  of  the  degree  or  the  degree  equivalent  in 
education  and  experience.  Excellent  benefits.  Send  confidential 
resume  and  salary  requirements  to:  CyberTech  Systems, Inc.  1111 
W.  22nd  Street,  8th  Floor,  Oak  Brook,  IL  60523  OR  8  Neshaminy 
Interplex,  Suite  209,  Trevose,  PA  19053.An  equal  opportunity 
employer. 


Technical  Consultant  sought  by 
company  in  Denver,  CO  special¬ 
izing  in  business  software  solu¬ 
tions  to  work  in  Denver  &  other 
unanticipated  job  sites  in  the  US. 
Provide  technical  implementa¬ 
tion  assistance,  support, & 
training  to  internal  &  South 
American  external  users  regard¬ 
ing  software  applications  &  tools 
that  run  in  a  client/server 
environment  or  are  web-en- 
abled,&  which  interface  with  a 
variety  of  relational  database 
management  systems.  Trou¬ 
bleshoot  &  resolve  problems  that 
arise,  test  solutions, &  act  as 
liaison  between  users  &  the 
applications  &  tools  development 
groups.  Engage  in  project 
management  as  required. 
Requires  Bachelor’s  or  foreign 
equivalent  in  comp.  sci.  or  related 
field(incl.  MIS);fluency  in  Spanish 
&  English;  working  knowledge  of 
the  technical  consulting  role  in 
implementing  &  supporting  in¬ 
stalled  computer  software 
applications  that  run  in  a 
client/server  environment.8am- 
5pm,M-F;$45,000/yr.(2  open¬ 
ings.)  Respond  by  resume  to 
James  Shimada,  Colorado 
Department  of  Labor  &  Employ¬ 
ment,  Employment  &  Training 
Division,  Tower  II, #400, 1515 
Arapahoe,  Denver,  CO  80202, & 
refer  to  Job  Order  Number  JL- 
1117321. 


Client/Server  Applications  Analyst 

Technical  support  for  BeneSys 
on  HP3000  using  COBOL  & 
Powerhouse.  Maintain  software 
using  COBOL,  VB,  SQL,  Power¬ 
house  4GL.  Generate  reports 
using  Quiz,  Access,  Crystal, 
Impromptu,  Powerplay,  etc. 
Implement  functions:  operations 
set-up,  conversion,  migration  & 
turnover.  Maintain  &  perform 
data  warehouse  &  mining  using 
COGNOS  &  maintain  infominers. 
Customize/implement/maintain 
QCSI's  QMACS  using  VB  & 
SQL.  Deliver  applications  & 
support  to  users.  Req.  min.  5 
years  exp.  Reply  to: 

Motion  Picture  Industry 
Pension  &  Health  Plans 
P.O.  Box  1999, 

Studio  City,  CA  91614 


Prgrmmr  Anlst.  No  Exp.  Reqd. 
Main.,  implmnt  Oracle  Fin.,  data¬ 
base  design,  qlty.  cntrl  of  systs. 
Developer  2000,  SQL,  PL/SQL  , 
SQL-Plus,  HTML,  CGI.  Req:  BS 
in  Engnrng.  40  Hr.  wk.  Job/lntrvw 
site:  Calabasas,  CA.  Send 
resume  to  Alcatel  Internetworking. 
Inc.  26801  W.  Agoura  Road, 
Calabasas,  CA  91301. 


ENGINEERING 

Everything  exciting  in  technology 
today  begins  with  the  manufac¬ 
turing  systems  and  processes 
Applied  Materials  has  pioneered. 
The  semiconductors  that  help 
enable  the  information  age  are 
powered  by  our  innovations.  And 
they  are  invented,  pedected  and 
supported  by  people  like  you.  If 
you  want  to  make  an  impact  on 
all  that's  happening  in  the  world 
of  technology,  it’s  time  to  join 
Applied  Materials.  We  encourage 
candidates  with  both  BS  and  MS 
degrees  to  apply.  We  have 
openings  at  our  Santa  Clara,  CA 
site  as  well  as  our  subsidiaries, 
Applied  Komatsu  Technology  in 
Santa  Clara,  CA,  ETEC  Systems, 
Inc.  in  Hayward,  CA  and  Consil¬ 
ium,  Inc.  in  Mountain  View,  CA 
for: 

Customer  Engineers 
Demo  Engineers 
Electrical  Engineers 
Field  Process  Engineers 
Industrial  Engineers 
Manufacturing  Engineers 
Mechanical  Engineers 
Process  Engineers 
Product  Marketing  Engineers 
Quality  Engineers 
Reliability  Engineers 
Software  Engineers 
Technical  Support  Engineers 
Engineering  Managers 
Marketing  Program  Managers 
Product  Marketing  Managers 
Program  Managers 
Project  Manager 
Technical  Ops  Managers 
Technical  Support  Managers 
Buyers 

Bus  Prod  Development  Analysts 
Financial  Analysts 
Market  Analysts 
Programmer  Analysts 
Senior  Financial  Analysts 
User  Systems  Analysts 
Planners 
Technical  Trainer 
Manufacturing  Technologists 

To  apply,  please  indicate  Job 
Code:  TIW0305MK,  and  mail  to: 
Professional  Staffing,  Applied 
Materials,  3050  Bowers  Ave., 
MS  1826,  Santa  Clara,  CA 
95054;  e-mail  to:  staffing@amat. 
com;  or  fax  to:  1-800-656-2629. 
EEO/AA. 

Applied  Materials 


Software  Engineer:  Designed, 
develop,  test  manufacturing, 
business  financial  client  server 
application  using  Visual  C++, 
C++,  Oracle.  Job  to  be 
performed  at  Richardson,  TX 
and  various  unanticipated  client 
sites  throughout  the  U.S.  as 
assigned.  Req.:  Masters  degree 
in  either  Math  or  Engg.  or  Sci.  or 
Comp.  Sci.,  &  1  yr.  exp.  in  the  job 
offered.  Salary  $65,000.  Hrs.  40 
hr/wk.  Mon/Fri.  Apply  at  the 
Texas  Workforce  Commission, 
Dallas,  Texas  or  send  resume  to 
the  Texas  Workforce  Commission, 
1117  Trinity,  room  424T,  Austin, 
Texas  78701 ,  J.O.  #  TX1 101 961 


Ready.  Set.  Go. 

Are  you  a  top  runner  in  your  field?  If  the  answer  is  “yes" 
then  kick  your  career  into  high  gear  and  get  to  know 
gedas.  We  are  a  leading  IT  systems  integrator  with  more 
than  4,000  employees  worldwide.  We  currently  have  first 
place  opportunities  for  the  following  positions: 

SAP  Consultants 

Web  &  Software  Developers 

Technical  Solutions  Consultants 

Information  Technology  Account  Executives 

Project  Managers,  PMP  Certified 

Telematics  Engineers  &  e-mobility  Consultants 

Computing  &  Network  Professionals 

If  you  want  to  be  a  part  of  our  Southeastern  Michigan 
team,  please  send  your  resume  to: 

gedas,  Inc.,  Human  Resources,  3800  Hamlin  Road, 

Auburn  Hills,  Ml  48326  (Mail  Code  BR); 

Fax:  (248)  618-6343;  e-mail:  info@gedas.com 

We  are  proud  to  be  an  Equal  Opportunity  Employer. 


gedas 

your  IT  partner 


INNOVATION 
MAKES  A  WORLD 
OF  DIFFERENCE 


The  University  of  Michigan  Health  System, 
known  for  its  unsurpassed  technology  and  research 
capabilities,  is  seeking  qualified  professionals  for  our 
department  of  Medical  Center  Information  Technology. 
As  one  of  the  most  wired  hospitals  in  the  nation  boasting  one  of 
the  largest  data  warehouses  in  our  industry,  we  can  offer  you 
many  more  challenges  than  most  health  environments.  We  are 
currently  building  one  of  the  largest  clinical  information  systems  in 
the  world.  For  the  opportunity  to  work  alongside  some  the 
brightest  people  in  health  care,  please  contact  us  today. 

•  Applications  Programmers 
•  Database  Developers 
•  Business  Analysts  •  Systems  Programmers 
•  Web  Applications  •  Network  Engineers 
•  Desktop  Support  &  Help  Desk 

We  believe  strongly  in  career  advancement  and  offer  competitive 
salaries  as  well  as  excellent  quality  of  life  benefits  that  include  flex¬ 
ible  scheduling  and  an  exceptional  retirement  program.  For  consider¬ 
ation  or  further  information,  call  (734)  647-2385  or  fax  a 
resume  to  (734)  763-0629;  E-mail:  it  jobs  (dinea .  urn  ich.edu 
Visit  our  Web  site  at  www.med.umich.edu 


The  University  of  Michigan  is  a  Non-Discriminators.  Affirmative 
Action  Employer. 

BL  as— r- s  University  of  Michigan 
- r-  SSJsa  Health  System 
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Now 


Your  Place! 


Want  to  learn  the 
hottest  techniques 
in  Technical  Recruiting 
&  Retention  today? 
Connect  with  experts 
and  peers  in  Palm 

Desert,  California,  at 

'  /•  '  •  _v  ;/• 

the  tenth  annual 

■  -iff- 

Technical  Recruiting  & 

Retention  Conference, 
'  June  3-6,  2001  at 
Marriott's  Desert 
Springs  Resort  &  Spa. 


~Juf^‘-6/2doi 


Marriott's  DeserkSprings* 
Resort  &  Spa*  ♦ 

Palm  Desert,  California 

I 

»  ’f 

*  •  *'  m'' 

m  7  i 


SESSION  HIGHLIGHTS  INCLUDE 


Xtreme  Recruiting: 

How  We  Got  Here  and  Where 
We  Go  from  Here 

MICHAEL  MCNEIL,  PURE  CARBON 

Critical  recruiting  lessons  for  a  critical  time  in  recruiting.  Michael 
McNeil,  the  former  head  of  Cisco  staffing  and  founder  of  Pure 
Carbon,  a  unique  e-recruitment  solutions  company,  is  considered 
by  many  as  one  of  the  leading  visionaries  in  the  employment  space. 

Automated  Screening: 

Guaranteed  Success  or  Formula 
for  Failure? 

DR.  WENDALL  WILLIAMS,  SCIENTIFIC  SELECTION 

Are  you  really  measuring  what  you  want?  What  does  it  take  to  do 
it  right?  Dr.  Wendell  Williams,  Managing  Director  of  Scientific 
Selection  is  a  nationally  recognized  expert  in  testing  and  assess¬ 
ment  for  selection.  He  is  a  frequent  contributor  to  online  and  print 
recruitment  newsletters  and  professional  publications. 

Measuring  Your  Success: 

What  Your  Management  Really 
Wants  to  Know 

KEVIN  WHEELER,  GLOBAL  LEARNING  RESOURCES,  INC. 

The  critical  value  of  metrics  is  in  the  eye  of  the  beholder.  Do  you 
know  who  your  stakeholders  are? 

Kevin  Wheeler,  the  President  and  Founder  of  Global  Learning 
Resources,  Inc.,  is  a  globally-known  speaker,  author,  columnist, 
and  consultant  in  human  capital  acquisition  and  development. 

Managing  the  Hiring  Manager 

KEN  GAFFEY,  STAFFING  CONSULTANT 

What  you  can  do  to  plan,  prepare  and  promote  critical  relation¬ 
ships  in  the  hiring  process. 

Ken  Gaffey  is  a  staffing  consultant  with  over  15  years  of  Human 
Resources  experience  in  the  New  England  high  technology  and 
financial  services  marketplace.  Ken  is  an  active  member  of 
IHRCA,  NEHRA,  SHRM,  HRC,  the  Society  of  Professional 
Consultants,  and  the  Human  Resources  Council.  Ken  contributes 
articles  and  book  reviews  to  the  Electronic  Recruiting  Exchange, 
Monster,  HR  Today,  and  several  other  professional  organization 
newsletters  and  periodicals. 

Building  World  Class  College  Relations 
Programs 

JULIE  CUNNINGHAM,  TELLABS,  INC. 

If  your  competitors  succeed  in  hiring  23%  more  college  students 
this  year,  will  there  be  any  left  for  you? 

Julie  Cunningham,  Manager,  Global  College  Relations,  Tellabs, 

Inc.  Julie  is  a  former  board  member  of  the  National  Association  of 
Colleges  and  Employers.  She  speaks  frequently  on  the  programs 
and  practices  that  have  made  Tellabs  one  of  the  premier  bench¬ 
marks  for  college  hiring. 


Diversity  -  What  You  Need  to  Do  to  Tap 
"All"  the  Top  Talent 

PRESTON  EDWARDS,  IMDIVERSITY.COM 

Top  employers  benchmark  how  diversity  has  become  a  core  value 
to  attracting  and  retaining  top  talent  and  keeping  a  competitive 
edge.  Moderator,  Preston  Edwards,  Chairman  and  CEO, 
IMDiversity.com,  and  Black  Collegian  Magazine,  is  nationally 
known  for  his  30  year  commitment  to  diversity  education.  He  has 
been  honored  by  numerous  organizations  including  the  1999 
Pericles  Award  from  the  Employment  Management  Association. 

What  You  Really  Need  to  Know  About 
Resume  Management  Systems  or,  How  to 
Tell  "Real  Ware"  from  "Vaporware" 

MARK  MEHLER,  MMC  GROUP 

The  worlds  most  competitive  corporations  discuss  the  pros  and  cons 
of  choosing  and  using  emerging  technology  tools  and  systems. 
Moderator:  Mark  Mehler,  President,  MMC  Group.  Mark  is  an  internation¬ 
al  consultant  on  high-volume  staffing  processes,  a  sought  after  speaker 
at  national  recruiting  conferences  and  co-author  of  CareerXroads. 

Town  Hall  Forum: 

Pundits,  Puns  and  Pulled  Punches 

GERRY  CRISPIN,  CAREERXROADS  2000;  JOHN  SULLIVAN, 
AGILENT  TECHNOLOGIES;  KEVIN  WHEELER,  GLOBAL 
LEARNING  RESOURCES;  PETER  WEDDLE,  WEDDLE'S 

Four  internet  recruiting  pundits  square  off  in  a  "no-holds"  barred 
debate  on  the  future  of  employment.  Who  are  the  winners  and 
losers  in  the  employment  space? 

Internet  Recruiting  Strategies  - 
TOOLS  Overview: 

BRET  HOLLANDER,  NETRECRUITER 

Advanced  sourcing  strategies  &  techniques  demonstrated  from  an 
actual  day  of  recruiting  by  one  of  the  best  firms  in  the  U.S.  on  sourc¬ 
ing  any  type  of  candidate.  Witness  actual  software,  as  well  as  unique 
scripts  and  techniques  to  successfully  develop  relationships  with 
potential  candidates.  TOOLS  is  intended  for  recruiters  or  sourcing 
specialists  who  have  already  mastered  basic  sourcing  techniques 
through  the  use  of  fee-based  sites,  formula  searching  on  engines 
such  as  AltaVista  or  Google,  and  have  taken  an  existing  all-day  class 
on  this  topic  by  any  of  the  top  Internet  recruiting  training  firms. 

•  Capture  Tools 

•  Processing  Tools 

•  Communication  Tools 

•  Security  Tools 

•  Learning  Tools 

Technology  2001 

SUSAN  HODGES,  SEMCO 

There  is  always  something  new  going  on  in  IT,  but  the  new  millen¬ 
nium  seems  even  busier  than  usual.  The  internet  is  affecting  every¬ 
thing  that's  being  done  and  new  products  and  skills  appear  daily. 
This  session  will  look  at  the  new  technology  in  each  critical  area  - 
platforms,  development,  data,  communications  and  applications. 
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FOR  INFORMATION  OR  TO  REGISTER  CALL  1-800-488-920' 


March  28  &  29,  2001 
The  Fairmont  Hotel  ▼  Dallas,  Texas 


Your  best  investment 


is  your  professional  network* 


For  more  information,  conference  package  pricing  or  to  register  for  the 

Professional  Women's  Summit 

please  visit  us  at  www.witi.com/center/conferences/dallas 
or  call  toll  free  800.334.9484  (W1T1) 

Join  us  and  participate  in  a  dynamic  2-day  accelerated  program  that  will  provide  you  with 
the  essential  tools,  opportunities,  insights  and  connections  to  achieve  your  goals.  Take 
advantage  of  this  unique  occasion  to  network  with  top  leaders  and  visionaries  utilizing 
technology  to  succeed. 

Over  the  course  of  2  days  you  will  be  offered: 

>  Powerful  keynote  sessions 
>  Practical  skill-building  workshops 
>  Dynamic  roundtable  discussions 
>  Highly  interactive  panel  discussions 
>  Network,  Network,  Network. 

Sign  up  for  the  Dallas  conference 
before  March  23,  2001 
and  receive  a  $100  discount. 
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When  looking  at  information  tech¬ 
nology  as  an  enabler,  Michigan 
offers  some  of  the  world's  biggest 
companies  -  all  being  driven  by 
technology  that  has  improved 
supplier  networks,  enterprise¬ 
wide  processes  and  even  research 
being  conducted  by  some  of  the 
world's  leaders.  It's  a  place  where 
most  every  employer  stresses 
work/life  balance,  and  where  the 
down-home  ethics  of  the  Midwest 
result  in  some  of  the  most  stable 
businesses  in  the  world. 

gedas,  Inc. 

Auburn  Hills,  Ml 

When  Volkswagen  of  America  needs  information 
technology  solutions  and  answers,  it  turns  to  its  IT 
partner,  gedas,  Inc.  The  firm  offers  IT  services  to 
Volkswagen  in  the  United  States  and  Canada.  It  also 
supports  other  companies,  providing  outsourcing,  cus¬ 
tomized  systems  development,  web  development  and 
design,  e-business  solutions,  and  enterprise  resource 
planning  systems  like  supply  chain  management  and 
customer  relationship  management  expertise. 

gedas  incorporated  in  the  United  States  just  over  18 
months  ago,  but  has  a  much  longer  record  working 
with  Volkswagen  and  other  Fortune  500  companies 
in  Germany,  Spain,  Mexico  and  other  countries. 
"During  2001  in  the  U.S.  we  need  to  hire  about  100 
information  technology  professionals,"  says  Susan 
Clutter,  manager  of  human  resources.  "We  need  Java 
and  C++  programmers,  networking  engineers,  SAP 
professionals,  Oracle  skills,  project  managers, 
call  center  professionals  -  we're  growing  across 
the  board." 

Marc  Muller,  recruiting  consultant  for  gedas,  says 
"there's  technology  being  used  here  that  entices  the 
most  experienced  IT  professional.  Some  of  the  ongoing 
projects  we  have  involve  using  ERP,  telematics, 
e-business,  and  web-enabling  systems.  We  are  using 
languages  and  packages  that  other  companies  are 
only  considering. 


"To  provide  our  service  we  need  people  who  are 
excited  about  exploring  what  IT  can  do  to  move  a 
business  forward,"  Muller  adds. 

Clutter  says  many  of  the  projects  are  global.  "We're 
attractive  to  a  lot  of  people  because  of  our  automotive  her¬ 
itage,"  Clutter  adds.  "That  heritage  allows  us  to  provide 
very  attractive  benefits  and  a  stable  work  environment,  yet 
we  are  a  start-up.  We  began  1  8  months  ago  with  28 
people  and  plan  to  be  close  to  300  by  year-end." 

General  Motors 
Detroit,  Ml 

The  number  one  company  on  the  Fortune  100,  GM  is 
digitizing  its  entire  business  portfolio.  "That  makes  GM 
a  place  rich  with  jobs  and  challenging  assignments," 
says  Jacquelyn  Wolf,  global  human  resources  director 
of  information  services  and  systems.  "With  our  size, 
there  is  the  opportunity  to  rotate  through  a  number  of 
career  paths,  to  develop  applications,  infrastructure 
and  our  web  presence." 

Wolf  says  the  role  of  IT  at  GM  is  to  assure  that 
employees  have  and  can  use  information  at  their 
fingertips.  "We  want  to  make  sure  we  provide  the 
right  kind  of  data  and  that  the  integrity  of  the  data 
is  unquestioned,"  explains  Wolf.  "We  develop  the 
platforms  and  the  structure  to  serve  GM's 
business-to-business,  business-to-employee  and 
business-to-consumer  needs."  While  IT  is  a  business 
enabler,  it  also  is  emerging  as  part  of  GM's  product. 
OnStar  provides  a  global  satellite  system  into  cars 
for  navigation  and  service. 

Wolf  says  GM's  immediate  need  is  for  150  people 
at  senior,  mid-management  and  entry  levels  to 
support  mobile  commerce,  technology  and  emerging 
standards,  customer  experience,  networking,  web 
enablement  and  telecommunications.  "These  are  not 
replacement  jobs  -  they  are  all  new  opportunities 
due  to  IT  job  growth,"  she  adds. 

Wolf  says  GM  University  offers  a  Skills  for  Success 
program  focused  on  business  implications  of  IT, 
networks  and  security  skills,  applications  and  develop¬ 
ment,  program  management,  Internet  and  Intranet 
developments.  "We  also  offer  an  onsite  MBA  program 
through  Carnegie  Mellon  in  computer  science  and 
information  technology,"  she  adds. 


University  of  Michigan 
Health  System 
Ann  Arbor,  Ml 

Information  technology  supports  the  University  of  Michigan 
Health  System,  from  enterprise-wide  financial  applications 
to  support  of  medical  research  and  education. 

David  T.  Zimmer,  human  resources  officer,  says  the  uni¬ 
versity  is  currently  implementing  a  financial  data  mart 
to  support  financial  modeling.  The  IT  staff  also  has 
developed  CareWeb,  a  web-based  application  for 
patient  information.  Through  CareWeb,  individuals 
have  access  to  the  clinical  demographic,  appointment 
and  patient  data.  "We  also  are  in  the  process  of  creat¬ 
ing  a  clinical  information  system  that  will  be  one  of  the 
largest  in  the  world,"  says  Zimmer.  "It's  a  joint  develop¬ 
ment  with  IBM  that  will  introduce  physician  order  entry 
and  link  all  CareWeb  medical  information." 

The  University  of  Michigan  plans  to  hire  application 
programmers  for  client/server  and  web  environments. 
Zimmer  says,  "We  like  to  see  people  who  have 
experience  in  the  healthcare  environment  and  have 
worked  in  highly  complex  organizations.  At  the 
University  of  Michigan  Health  System,  you'll  be  sup¬ 
porting  some  of  the  most  brilliant  medical  minds  in  the 
world.  Today's  physicians  are  tech  savvy  and  know 
what  they  need  and  want.  At  the  Health  System,  you'll 
work  as  a  partner  with  them  to  provide  technological 
solutions  while  helping  people." 

Zimmer  says  the  Health  System  IT  organization  offers 
the  best  of  a  university  setting,  including  a  respect  for 
diversity  and  work/life  balance.  "There  is  a  lot  of  flexi¬ 
ble  scheduling.  Unlike  a  lot  of  the  IT  world,  we  work 
on  a  long-term  employment  model.  At  the  University  of 
Michigan,  we  want  people  who  will  be  able  to  take 
advantage  of  a  wide  range  of  career  opportunities 
without  relocating,"  Zimmer  says.  "You'll  be  one  of 
more  than  1,700  IT  professionals." 


For  more  job  opportunities  with  firms  in  Michigan,  turn  to  the 
pages  of  ITcareers. 

•  If  you'd  like  to  take  part  in  an  upcoming  ITcareers  feature, 
contact  Janis  Crowley,  650.31 2.0607  or 
janis_crowley@itcareers.net. 

•  Produced  by  Carole  R.  Hedden 

•  Designed  by  Aldebaran  Graphic  Solutions 
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Network  World  Seminars 
and  Events  are  one  and 
two-day,  intensive  semi¬ 
nars  in  cities  nationwide  covering  the  latest  networking  technologies. 
All  of  our  seminars  are  also  available  for  customized  on-site  training. 
For  complete  and  immediate  information  on  our  current  seminar  offer¬ 
ings.  call  a  seminar  representative  at  800-643-4668.  or  go  to 
www.nwfusion.com/seminars. 
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News 


shiba  jumps  into  appliance  server  market 


Toshiba  enters  the  server  appliance  market  this 
week  with  the  Magnia  SG10. 


BY  APRIL  JACOBS 

Toshiba  entered  the  fast¬ 
growing  appliance  server  mar¬ 
ket  this  week  with  a  system 
designed  to  reduce  the  setup 
and  maintenance  woes  users 
face  with  remote  offices  and 
limited  IT  staff. 

Observers  say  the  Magnia 
SG10  is  worth  looking  at  for  its 
price,  which  starts  at  about 
$1,300,  compared  with  an 
industry  average  of  $1,600, 
according  to  consultancy  Work¬ 
group  Strategic  Services.  A  simi¬ 
lar  offering  with  more  memory 
and  horsepower  from  rival 
Cobalt,  which  was  recently  pur¬ 
chased  by  Sun,  starts  at  about 
$1,800. 

The  Magnia  SG10  features  a 
preloaded  Linux  operating  sys¬ 
tem,  network  management, 
e-mail,  Internet  connectivity 
software  and  network  manage¬ 
ment  for  devices  such  as  print¬ 
ers  and  PDAs.  The  server  also 
works  with  Bluetooth  and 
802 . 1 1  b-compliant  wireless 


AT&T, 

continued  from  page  10 

avoid  that,”  Patton  says. “Finan¬ 
cial  analysts  have  advised  the 
company  to  reduce  its  debt 
by  half.” 

Observers  say  AT&T  may 
look  to  off-load  certain  inter¬ 
national  assets.  The  carrier  is 
in  the  process  of  reviewing 
Concert,  its  international 
joint  venture  with  British 
Telecom.  AT&T  will  not  com¬ 
ment  on  the  status  of  Con¬ 
cert  other  than  to  say  the 
company  is  looking  at  ways 
to  make  the  joint  venture 
more  profitable.  But  changes 
are  predicted. 

“The  joint  venture,  as  it 
is  currently  structured,  will 
not  last  more  than  12 
months,”  says  Brownlee 
Thomas,  an  analyst  at  Giga 
Information  Group.  One  the¬ 
ory  is  that  AT&T  will  take 
control  of  Concert  by  buying 
an  additional  5%  of  the  busi¬ 
ness,  she  says. 

Thomas  does  not  expect 
that  AT&T  will  back  out  of  the 
venture.  “Neither  AT&T  nor 
[British  Telecom]  could  afford 
to  build  their  own  interna¬ 
tional  networks  at  this  stage,” 
she  says. 


devices  to  accommodate 
mobile  users. 

Mark  Melenovsky,  an 
analyst  with  market 
research  firm  IDC,  says 
Toshiba’s  appliance  offer¬ 
ing  differs  from  more-spe¬ 
cialized  boxes  that  fea¬ 
ture  storage,  Web  hosting  and 
caching  —  such  as  those 
offered  by  IBM,  Hewlett- 
Packard  and  Sun  —  because  it 
addresses  more  general-pur¬ 
pose  remote  office  needs.  He 


Hackers, 

continued  from  page  1 

than  just  a  single  server  set  up 
to  be  a  “honeypot,”  where  hack¬ 
ers  may  break  in,  find  a  dead 
end  and  have  their  activities 
recorded  with  an  eye  toward 
prosecution.  Rather,  the  decoy 
net  is  an  entire  fake  network, 
complete  with  host  computers 
on  a  LAN  with  simulated  traffic, 
to  convince  hackers  for  as  long 
as  possible  that  it’s  real. 

Experts  debate  whether  such 
nets  will  be  worth  the  effort, 
but  agree  they  can  be  a  way  to 
slow  hackers  long  enough  to 
sort  the  curious  from  the  truly 
destructive. 

A  group  calling  itself  The 
Honeynet  Project  (www.pro 
ject.honeynet.org)  has  quietly 
begun  testing  decoy  networks 
on  the  Internet  and  soon  plans 
to  publish  a  paper  on  how  to 
build  one. 

According  to  Ed  Skoudis, 
chief  security  strategist  at  Pre¬ 
dictive  Systems,  the  idea  is  the 
brainchild  of  Sun  security  con¬ 
sultant  Lance  Spitzner.  “We  set 
up  honeypots  to  watch  hacker 
activity,”  says  Skoudis,  who  par¬ 
ticipates  in  the  invitation-only 
group  and  spoke  about  new 
hacker  tools  and  defenses  at 
last  week’s  InfoSec  show. 

The  Honeynet  Project  is  not 
intended  to  prosecute  intrud¬ 
ers  who  haplessly  wander  into 
their  elaborate  decoys,  but  to 
study  hacker  responses  in 
depth  in  order  to  devise  the 
best  decoy  defenses.  There  are 
only  a  few  commercial  honey- 
pot-style  products  on  the 
market,  including  Network 
Associates’  CyberCop  Sting 
and  Recourse  Technologies’ 
ManTrap. 

Other  decoy  networks  do 
slow  intruders  with  an  eye 


says  Toshiba  is  looking  to  tap  a 
hot  appliance  market  and  help 
users  simplify  the  management 
and  setup  of  servers. 

“This  server  is  preloaded 
with  software  and  is  simple 


toward  collecting  evidence  to 
prosecute  them,  says  Rusty 
Miller,  an  executive  at  Veridian 
Information  Systems. 

“To  collect  evidence,  you 
need  to  divert  the  hacker  to  a 
deception  network,”  says  Miller, 
who  claims  to  have  built  decep¬ 
tion  networks  for  secretive  gov¬ 
ernment  agencies.  He  says  the 
idea  is  to  feed  back  information 
about  what  hackers  do  to  a 
kind  of  “deception  central”  for 
network  administrators.  “The 


The  idea  behind  Honeynet 


time  the  hackers  are  dealing 
with  a  deception  environment 
is  time  they’re  not  in  your  net¬ 
work,”  he  says. 

It  is  possible  to  create  a 
deception  network  that  has  the 
same  IP  network  address  as 
your  real  network,  Miller  says. 
He  acknowledges  deception 
nets  carry  obvious  administra¬ 
tive  burdens,  such  as  the  need 
to  generate  realistic  traffic  to 


to  run  and  use,”  he 
says.  “For  a  company 
with  a  large  corporate 
office  and  lots  of  re¬ 
mote  offices,  it  can 
save  IT  staff  a  lot  of 
work  because  all  soft¬ 
ware  updates  can  be 
loaded  and  distributed  over 
the  Internet.” 

Additional  features  include: 

•  A  built-in  seven-port  dual 
Ethemet/Fast  Ethernet  switch. 

•  A  Health  Status  Monitor- 


fool  a  hacker  and  maintain  a 
network  no  one  really  uses.  He 
notes  the  risk  that  administra¬ 
tors  will  lose  track  of  what’s 
real  and  what’s  not. 

These  deception  techniques 
have  doubters.  Steve  Manzuik, 
security  analyst  at  BindView, 
appreciates  the  work  being 
done  by  The  Honeynet  Project 
and  would  like  to  contribute, 
but  he  remains  skeptical. 

“It’s  not  clear  yet  you  can 
fool  a  lot  of  people  with  this 


deterrent,”  he  says. 

Meanwhile,  hackers  continue 
to  learn  new  tricks. 

The  past  year  has  seen  the 
emergence  of  a  new  breed  of 
distributed  port  scanners  and 
sniffers  that  make  it  easier  for 
attackers  to  hide  their  intent, 
Skoudis  says. 

There’s  now  a  kernel-level 
root-kit  for  Linux,  called  Knark, 
which  when  installed  by  hack¬ 


ing  service  free  for  30  days 
with  registration,  which  can 
be  extended  in  one-year  incre¬ 
ments  for  $99. 

The  Magnia  SG10  is  available 
immediately.  Pricing  for  a  server 
with  64M  bytes  of  memory,  a 
10Gbyte  hard  drive  and  a  sin¬ 
gle  350-MHz  AMD  processor  is 
$  1 ,289.  Pricing  for  a  server  with 
dual  20G-byte  hard  drives  is 
$1,800. 

Toshiba:  www.buytoshiba. 
com 


ers  changes  the  operating  sys¬ 
tem  to  hide  files  and  present 
false  information  to  administra¬ 
tors.  And  another  new  one, 
called  Dsniff,  can  be  used  to 
capture  traffic  on  Ethernet 
switches  and  inject  traffic  into  a 
network  to  direct  traffic  to 
itself,  known  as  the  man-in-the- 
middle  attack. 

“It’s  pretty  nasty  stuff,” 
Skoudis  says.  “For  very  sensitive 
networks,  you  may  want  to  acti¬ 
vate  port-level  security  on  your 
switches.” 

Many  tools  that  let  hackers 
carry  out  surveillance  are  now 
Web-based,  according  to  David 
Rhoades,  director  of  systems 
engineering  at  AppGate,  who 
also  spoke  at  the  conference. 
“Why  Web-based?  It’s  easy.  No 
complicated  downloads  or  zip 
files.  They  can  hack  from  any¬ 
where,  and  it’s  anonymous.” 

While  a  talented  few  among 
hackers  actually  make  attack 
tools,  many  of  these  tools  today 
are  freeware. 

And  they’re  posted  on 
dozens  of  techie  sites,  not  the 
secret  underground. 

BindView  security  analyst 
Manzuik  says  his  firm  late  last 
year  developed  a  tool  to  test 
for  the  so-called  Naptha 
denial-of-service  attack  affect¬ 
ing  at  least  seven  major  oper¬ 
ating  systems. 

The  tool,  which  involves 
launching  an  attack  to  deter¬ 
mine  operating  system  weak¬ 
ness,  was  given  solely  to 
vendors  but  somehow  ended 
up  posted  on  the  Packetstorm 
site  (www.packetstorm.sec 
urify.com)  in  its  depository 
for  tools. 

In  the  wrong  hands  “this  tool 
is  dangerous,”  Manzuik  says. 
“But  that  version  isn’t  as  dan¬ 
gerous  as  other  versions  that 
will  be  released.”  3 


An  organization  called  the  The  Honeynet  Project  soon  plans  to 
release  a  working  paper  detailing  how  to  set  up  a  decoy  network 
to  monitor  hackers.  Here's  how  such  a  net  might  look: 

©  A  server-based  network  is  established  on 
the  Internet  behind  a  firewall.  This  is  not  a 
production  net,  but  an  isolated  experimental 
one  that  will  be  cracked  by  hackers. 


Internet 


Firewall 


Interna! 
firewall  In! 


Dedicated 
server  for 
storing 
syslog  data 


©  The  idea  is  to  review  firewall  activity  and  system 
logs  on  this  network.  Honeynet  syslog  data  should 
be  transferred  quickly  to  a  dedicated  server  behind 
a  separate  firewall  because  hackers  are  adept  at 
wiping  out  system  logs  and  replacing  them. 
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Online, 

continued  from  page  1 

Lehman  Brothers  and  John 
Hancock  are  turning  to  the 
Web  to  manage  IT  resources  in 
order  to  get  up-to-the-minute 
accounts  in  a  fast-paced  pur¬ 
chasing  environment. 

“IT  services  are  the  most 
difficult  to  get  your  hands 
around,”  says  Roy  Anderson, 
director  of  procurement  at 
John  Hancock  Financial  Ser¬ 
vices,  who  tracks  how  5,000 
employees  purchase  office 
supplies,  furniture,  travel  and 
IT-related  goods  and  services. 
“Right  now,  a  $5,000  IT  proj¬ 
ect  can  easily  grow  into  more 
than  a  $250,000  project.” 

Part  of  the  reason  spending 
rises  unexpectedly  is  employ¬ 
ees  in  a  decentralized  envi¬ 
ronment  can  begin  contract¬ 
ing  processes  outside  normal 
channels  without  relying  on 
prenegotiated  contracts  or 
volume  pricing.  Keeping  track 
of  manpower  costs  for  pricey 
programming  talent  or  net¬ 
work  services  is  difficult 
when  purchasing  arrange¬ 
ments  are  handled  across  the 
globe.  And  making  a  consis¬ 
tent  comparison  of  vendor 
offers  is  a  challenge. 

Centralized  buying 

To  bring  everyone  into  the 
fold,  John  Hancock  is  putting 
its  requests  for  proposal  and 
contract  awards  process 
online  and  building  a  “Person¬ 
alized  Purchasing  Portal”  for 
employees. 

The  portal  is  based  on  Fric¬ 
tionless  Commerce  software 
for  receiving  bids  on  a  range 
of  IT  needs,  including  cus¬ 
tomer  relationship  manage¬ 
ment  software. 

John  Hancock  employees 
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THE  FEDS  GET  INTO  ONLINE  BUYING 


While  interest  in  online  IT  con¬ 
tract  management  grows,  in 
some  respects  the  federal 
government  is  ahead  of  the 
pack.  About  a  year  ago  the 
General  Services  Administra¬ 
tion  set  up  an  online  IT  ser¬ 
vices  procurement  portal  based  on 
IBM's  Lotus  Domino  software. 

The  portal,  called  IT  Solutions  Shop,  is 
used  by  more  than  3,000  government 
agency  departments  to  request  network 
services  and  software  from  roughly 
5,000  vendors  under  contract.  It 
accounted  for  $2.9  billion  in  orders  last 
year,  according  to  Dave  Griffin,  a  GSA 
project  manager. 

"If  someone  has  a  need  for  say,  smart 
cards,  they  can  just  do  a  keyword  search 
and  get  a  list  of  50  vendors  that  do  that," 
says  Griffin,  adding  that  the  site  also  fea¬ 
tures  Web  catalogs. 


The  GSA  sets  up  shop 

The  GSA's  IT  Solutions  Shop  by  the 
numbers: 

•  Established  by  GSA's  Federal  Technology 
Service  in  '99  as  http://it-solutions.gsa.gov. 

•  Processed  over  $4.2  billion  worth  of  orders. 

•  Has  9,656  clients  in  civilian  and  defense 
agencies. 

•  4,953  companies  have  registered  to  provide 
IT  goods  and  services  under  5,000  contracts. 


IT  Solutions  Shop  keeps  a  running  track 
of  acquisitions,  helpful  for  large  contracts, 
such  as  the  one  recently  awarded  by  the 
U.S.  Navy  to  WorldCom.  "We  do  a  lot  of 
work  for  the  Navy,"  he  says. 

Typically,  the  GSA  analyzes  the  offers 


coming  in  online,  often  in  tandem  with 
the  government  agency  involved,  and 
once  the  vendor  is  selected,  IT  Solutions 
Shop  issues  the  purchase  orders  online 
so  vendors  can  retrieve  them. 

One  awkward  aspect,  though,  is  that 
the  government  hasn't  decided  how  or 
if  to  use  digital  signatures  for  the  elec¬ 
tronic  signing  of  contracts,  even  though 
there's  now  a  digital  signature  standard, 
and  Congress  last  year  passed  a  law  that 
makes  such  signatures  as  legally  valid  as 
written  ones. 

"We  just  haven't  gotten  guidance  from 
the  GSA  or  the  CIO  Council  on  digital  sig¬ 
natures,"  Griffin  says.  "We  haven't  had 
legal  deal  with  this,  and  some  of  our 
acquisition  folks  are  saying,  'We're  not 
comfortable  with  the  electronic  [method]. 
We  want  it  signed.' " 

—  Ellen  Messmer 


and  IT  service  providers  are 
going  to  have  to  start  using 
the  contracting  portal  this 
spring  for  bidding  on  RFPs 
and  contract  awards,  and  for 
monitoring  contract  progress. 

“Contract  managers  are 
going  to  be  better  aware  of 
activity,  and  we’re  going  to 
make  the  value  analysis  con¬ 
sistent  among  our  suppliers,” 
Anderson  says.  “The  CFO  is 
going  to  be  able  to  see  the 
activity  going  on  through 
trend  analysis  and  see  where 
the  money  is  being  spent.” 

The  portal  will  initially  be 
hosted  by  Frictionless  Com¬ 
merce,  though  John  Hancock 
expects  to  host  the  Web 
server  software  itself  down 
the  road. 

Separately,  Lehman  Broth- 
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ers  is  turning  to  a  hosted  con¬ 
tract  management  application 
from  a  start-up  called  Chimes 
to  centralize  its  IT  buying 
process. 

“We  were  looking  for  the 
ability  to  centralize  the  [buy¬ 
ing]  process  because  every¬ 
one  would  go  to  their  vendor 
of  choice,”  says  Karen  Krieger, 
first  vice  president  in  the  IT 
division  at  Lehman.  “We  want¬ 
ed  to  outsource  the  applica¬ 
tion  for  the  automated  acqui¬ 
sition  system  for  multiple 
vendor  contracts.” 

Use  of  the  Chimes  applica¬ 
tion  is  mandatory  at  Lehman 
for  employees  buying  IT  ser¬ 
vices  and  for  those  providing 
services. 

More  contractors,  fewer  staff 

Merrill  Lynch  is  also  betting 
on  a  hosted  application  from 
Business  Engine  for  bidding 
and  contract  management  to 
better  track  IT  expenses.  Mer¬ 
rill  Lynch  plans  to  rely  more 
on  IT  contractors  than  inter¬ 
nal  staff  in  the  future. 

“We  want  to  get  out  of  the 
architecture  and  infrastruc¬ 
ture  business,”  says  Kenneth 
Brzozowski,  a  vice  president 
in  Merrill  Lynch’s  technology 
group,  which  has  3,300 
employees  around  the  world. 
“We  think  using  the  Business 
Engine  hosted  application 
will  help  us  get  a  handle  on 
our  technology  information 
base,  on  how  projects  are  ini¬ 
tiated  and  how  money  is 


being  spent.” 

Until  now,  Merrill  Lynch 
has  generally  evaluated  bids 
from  IT  contractors  by 
accepting  Excel  spreadsheets 
all  over  the  world  via  e-mail 
and  then  comparing  them  to 
try  to  get  the  best  deal.  From 
now  on,  Merrill  Lynch 
expects  IT  contractors  to  post 
responses  to  RFPs  at  the  Busi¬ 
ness  Engine  portal,  which 


makes  use  of  XML  formatting. 
Vendors  will  have  to  report 
timesheets  online,  so  costs 
can  instantly  be  calculated. 

“This  is  going  to  be  a 
requirement  for  vendors, 
especially  for  tracking  them 
as  resources,”  Brzozowski 
says.  Eventually,  Merrill  Lynch 
wants  to  automate  bidding 
and  contract  management  by 
enabling  a  direct  link  over 
the  Internet  to  its  back-end 
systems. 

Business  Engine  typically 
charges  $80  to  $120  per 
month,  per  seat  for  contract 
managers  and  $20  to  $40  per 
user.  Sometimes  price  is  based 
on  a  percentage  of  the  dollar 
value  of  the  business  that 


flows  through  the  Business 
Engine  portal,  according  to 
John  O’Neil,  the  software 
maker’s  CEO.This  could  range 
from  0.75%  to  2%. 

Merrill  Lynch  comparison- 
shopped  before  choosing 
Business  Engine,  which  best 
met  the  financial  firm’s 
requirements  for  everything 
from  project  planning  tools  to 
the  technology  needed  to 


bring  the  project  to  fruition. 

The  company  reviewed 
products  from  ABT,  Artemis, 
Oracle,  Niku,  Primavera  and 
others. 

Brzozowski  says  moving  to 
this  kind  of  contract  manage¬ 
ment  “got  a  lot  of  legal  atten¬ 
tion”  at  Merrill  Lynch. 

This  involved  signing  agree¬ 
ments  with  Business  Engine 
on  sensitive  issues  such  as 
prohibiting  the  sharing  of 
contract  data  stored  at  the 
Business  Engine  hosted  appli¬ 
cation  site.  □I 

Get  more  information  online. 
DocFinrler  3255 
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■  "We  were  looking  for  the  ability 
to  centralize  the  [buying]  process 
because  everyone  would  go  to 
their  vendor  of  choice." 

Karen  Krieger,  vice  president,  IT  division,  Lehman  Brothers 
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ber  of  enhancements  to  its  BayStack 
400  series,  Business  Policy  Switch  and 
Business  Communications  Manager 
product  lines. 

This  month,  Nortel  will  add  the 
Extensible  Authentication  Protocol 
(EAP),  traffic  policing  and  a  Gigabit 
Interface  Converter  (GBIC)  adapter  to 
the  Business  Policy  Switch  (BPS).  EAP 
will  authenticate  users  inside  a  firewall 
in  accordance  with  a  company’s  secur¬ 
ity  policy. Traffic  policing  will  admit  cer¬ 
tain  flows  while  discarding  others,  and 
the  GBIC  will  add  Gigabit  Ethernet  con¬ 
nectivity  via  variable  physical  interfaces. 

The  company  will  unveil  software 
that  “syncs  up”  the  BPS  with  Nortel’s 
BayStack  450  stackable  10/100/1000M 
bit/sec  Ethernet  switch  in  terms  of  con¬ 
sistent  Web  management,  administration 
and  enforcement, Vogt  says. 

In  April,  Nortel  will  roll  out  a  lower- 
end,  lower-cost,  policy-enabled  version 
of  its  BayStack  450  for  users  requiring  a 
more  cost-effective  alternative  to  the 
450.  This  new  400  series  switch  will 
save  Nortel  from  cutting  the  cost  and 
profit  margin  from  the  450, Vogt  says. 

In  June,  Nortel  will  enhance  the  IP 
telephony  capabilities  of  its  Business 
Communication  Manager  (BCM),  a  LAN 
PBX  that  supports  IP  and  digital  hand¬ 
sets.  Nortel  will  increase  the  number  of 
handsets  BCM  can  support  and  add  wiz¬ 
ards  to  its  graphical  user  interface  for 
configuring  dialing  plans. 

In  the  second  half  of  this  year,  Nortel 
will  unveil  a  next-generation  Layer  3 
Gigabit  Ethernet  switch  with  copper 
ports  to  better  compete  with  Cisco’s 
48-port  Catalyst  2948G-L3,Vogt  says. 

“We’ve  had  a  little  bit  of  pressure 
from  the  2948G”  in  terms  of  footprint, 
he  admits.  The  2948G  is  1.5  rack  units, 
an  impressively  small  footprint  for  a 
Layer  3  switch. 

The  new  Nortel  switch  will  be  avail¬ 
able  in  stand-alone  and  stackable  ver¬ 
sions, Vogt  says. 

This  flurry  of  enterprise  LAN  switch¬ 
ing  activity  follows  a  surprisingly  suc¬ 
cessful  fourth  quarter  of  2000,  in  which 
Nortel  led  all  major  vendors  in  Ethernet 
switching  revenue  growth,  according 
to  the  latest  figures  from  Dell’Oro 
Group.  Nortel’s  39%  growth  was  nearly 
double  that  of  3Com’s,  which  was  sec¬ 
ond  at  22%. 

Much  of  this  growth,  however,  is  due 
to  back-ordered  products  that  finally 
shipped  after  a  long  delay,  according  to 
Seamus  Crehan,  an  analyst  at  Dell’Oro. 

Regardless,  if  you  couple  that  Ether¬ 
net  switch  growth  with  the  16%  fourth- 
quarter  revenue  growth  in  Nortel’s 
enterprise  business  overall  —  “far 
exceeding  our  expectation  of  5%,”  says 
Wall  Street  investment  firm  UBS  Warburg 
—  you’ll  find  a  company  that  appears  to 
be  far  from  dead  in  the  enterprise. 

“There’s  no  carrier  or  enterprise  busi¬ 
ness  at  Nortel  anymore.  It’s  premise-to- 
core.  We’re  shaping  the  company  that 
way,”Vogt  says.  S 


Nortel, 

continued  from  page  10 

Industry  watchers  have  been  waiting 
lor  Nortel  to  concede  the  market  to 
Cisco,  given  the  company’s  dramatic 
loss  of  market  share  in  layer  3  switching 
between  1998  and  1999,  and  a  three- 


quarter  delay  in  shipping  its  next-gener¬ 
ation  enterprise  core  switch.  The  Bay 
Networks/LAN  switching  side  of  Nor¬ 
tel’s  house  has  been  conspicuously 
silent  since  Nortel  acquired  Bay  in  1998, 
leading  to  speculation  that  the  company 
was  quietly  retreating  from  the  market. 

Nortel  has  instead  been  stealthily 


plotting  an  assault.  It’s  been  coordinat¬ 
ing  operations  between  its  premises 
(Bay)  and  core  (Nortel)  businesses 
instead  of  separating  them,  Vogt  says, 
in  an  effort  to  build  a  comprehensive 
and  cohesive  policy  network  strategy 
companywide. 

And  its  weaponry  will  include  a  num- 
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Webcasts 

Editorial 

Services  1 

Need  an  edge  in  your  career,  your  company,  or  just  the  next  IT  meeting? 
At  ITworld.com,  we  aggregate  content  from  the  best  sources  available, 
then  deliver  it  in  a  uniquely  efficient  way.  We're  revolutionizing  how  IT  pros 
acquire  information  and  knowledge. 

View  any  IDC  Live!  webcast  and  get  the  IDC  research  bulletin, 

"What  Every  Executive  Needs  to  Know  About  Security,"  FREE  (a  $1,500  value). 

Reserve  your  space  at  www.itworld.com/itwebcast/idc2 


Changing  the  way  you  view  IT I 


Waiting  for  wireless 


If  you  were  going  to  die  soon  and 
had  only  one  phone  call  you 
could  make,  who  would  you  call 
and  ivhat  would  you  say?  And 
ivhy  are  you  waiting? 

—  Stephen  Levine,  author  and  philosopher. 


MARK 
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The  wireless  applications  mar¬ 
ket  has  attracted  far  more  ink  than 
really  useful  applications  (unless 
you  count  being  able  to  occasion¬ 
ally  get  stock  quotes,  provided 
you’re  in  an  area  with  Cellular  Dig¬ 
ital  Packet  Data  coverage,  and 
there  are  not  too  many  users,  and 
the  wind  is  coming  from  the  right 
direction,  and  you  remember  to 
sacrifice  a  small  mammal  before 
switching  on  your  phone). 

Be  that  as  it  may, 
the  belief  in  the 
future  of  this  market 
has  transcended  the 
ordinary  optimism  of 
the  technopundits, 
and  virtually  every 
serious  software  com¬ 
pany  has  inserted  a 
finger  in  the  pre- 
sumed-to-be  giant 
unwired  pie. 

Last  year  Sun  made 
a  big  play  with  Java  in 
the  guise  of  the  Java  2 
Platform,  Micro  Edition  as  the  infra¬ 
structure  for  applications  that 
could  run  in  environments  as 
restrictive  as  cell  phones.  Now 
Qualcomm  has  not  only  thrown  its 
hat  in  the  same  ring,  but  has  also 
thumbed  its  nose  at  Sun. 

Qualcomm’s  solution  is  BREW 
—  Binary  Runtime  Environment 
for  Wireless  —  a  direct  competitor 
to  Sun’s  Java  for  phones,  and  it  has 
some  arguments  in  its  favor.  For  a 
start,  applications  based  on  BREW 
are  written  in  C  and  C++.  This 
allows  for  smaller  run-time  code 
size,  smaller  operating  system  over¬ 
head  and  taster  performance. 

Qualcomm  suggests  that  appli¬ 
cations  running  on  BREW  will 
include  enhanced  e-mail  (I  have 
no  idea  what  that  might  be); 
mobile  text  chat;  position  loca¬ 
tion  services;  online  and  offline 
games;  Internet  radio;  and  stream¬ 
ing  video. 

To  support  the  development  of 
serious  applications,  Qualcomm 


has  launched  the  Qualcomm  Ven¬ 
ture  Fund  (with  some  $500  million 
in  the  kitty!). 

While  a  number  of  serious  play¬ 
ers  —  including  VistoCorp., Wire¬ 
less  Knowledge  and  Hewlett- 
Packard  —  are  building  products 
and  services  for  BREW,  I  wonder 
whether  the  wireless  applications 
market  based  around  cell  phones 
with  ambition  is  really  of  anything 
other  than  short-term  significance. 

My  doubt  comes  from  two 
issues:  First,  underlying  these  new 
applications  and  services  are  the 
telephone  companies,  which  so  far 
don’t  seem  to  be  committed  to 
providing  wireless  infrastructure 
that  can  cope  with  more  than 
voice  traffic. 

Second,  today’s  cell  phones  are, 
in  computing  terms,  where  pro¬ 
grammable  calculators  were 
before  the  PC  market  exploded. 
Remember  those  things?  If  you 
were  at  all  geeky,  the  idea  of  a  pro¬ 
grammable  calculator  was  awe¬ 
some.  Never  mind  that  they  were 
expensive,  complex  and  couldn’t 
do  much.  If  you’d  been  hit  with 
the  geek  stick,  you  wanted  —  no, 
needed  —  one.  But  I  digress  . . . 

My  money  is  on  this  market 
being  replaced  in  the  near  future 
by  a  market  for  devices  that  are 
far  smarter  than  today’s  cell 
phone,  with  more  CPU  power 
and  more  storage. 

You  want  to  see  the  direction 
cell  phones  are  going?  Check  out 
the  Motorola  VI 00  due  to  ship  in 
the  U.S.  this  year. 

This  device  will  combine  a  GSM 
phone  with  e-mail  and  SMS  mes¬ 
saging,  a  full  QWERTY  keyboard, 
WAP  Internet  browser,  address 
book,  games  and  voice  dialing,  all 
for  $250.  Now  for  just  a  few  dollars 
more,  don’t  you  think  someone 
will  soon  produce  a  device  that’s 
more  like  a  real  PC? 

The  fact  is  all  this  hoopla  about 
mobile  wireless  applications  is 
really  a  lot  of  effort  for  what  will 
likely  be  a  short-lived  iteration  of 
the  market.  If  you  buy  into  today’s 
vision  to  build  enterprise  applica¬ 
tions,  you  may  find  your  short¬ 
term  advantage  is  an  expensive 
one.  Perhaps  you  should  wait  to 
make  that  call. 

Send  your  message  down  the 
wire  to  nwcolumn@gibbs.com. 
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The  latest  on  the 
Internet  industry 


Awhile  back  I  ran  into  a  Realtor  who 
was  in  a  tizzy  because  a  typographical  error 
in  a  newspaper  ad  had  listed  her  client's 
luxurious  colonial  at  a  price  that  couldn't 
fetch  the  most  dilapidated  fixer-upper  in 
Massachusetts.  She  was  dreading  the 
onslaught  of  calls  from  clueless  dreamers 
who  wouldn't  figure  out  that  the  price  was 
far  too  good  to  be  true. 

Of  course,  no  one  was  going  to  suggest 
that  her  client  would  be  bound  —  legally, 
ethically  or  otherwise  —  to  sell  the  house  for 
a  song  simply  because  a  human  being  hit  the 
wrong  key  when  inputting  that  price. 

So  why  all  the  caterwauling  over  online  merchants  who  decline  to 
make  good  on  similarly  obvious  errors?  The  medium  and  monetary 
stakes  may  be  different,  but  the  principles  are  the  same. 

Two  recent  cases:  United  Air  Lines'  Web  site  posted  a  San  Francis- 
co-to-Paris  flight  for  $24.98,  which  any  grownup  knows  won't  buy  lunch 
in  either  city,  never  mind  that  round-trip  ticket.  Staples.com  listed  a  $40 
attache  case  for  1  cent.  Penny-wise  shoppers  also  undoubtedly  real¬ 
ized  this  was  a  typo  as  they  scooped  up  as  many  as  50  at  a  time,  with 
some  being  resold  on  eBay  before  anyone  could  say  "ill-gotten  gains." 

United  initially  balked  at  honoring  the  ludicrous  fare.  However,  the 
airline  caved  in  to  double-barreled  complaints  from  those  who  insisted 
they  were  owed  the  almost-freebie,  and  their  supporters  who  fly  Pundit 
Class,  which  is  the  cabin  reserved  for  infallible  journalists.  Staples 
reportedly  shipped  1-cent  attache  cases  to  an  unspecified  number  of 
individuals  before  calling  a  halt  to  the  unintended  giveaway. 

Bully  for  Staples. 

Companies  stung  by  these  lapses  certainly  have  a  choice  to  make 
between  risking  a  public  relations  blemish  and  giving  away  the  store. 
That's  a  straight  business  call.  Also,  there  are  e-commerce  infrastruc¬ 
ture  vendors  that  specialize  in  minimizing  these  mistakes,  so  mer¬ 
chants  who  commit  such  sins  regularly  should  and  will  pay  a  big  price 
in  terms  of  eroding  customer  satisfaction. 

But  what  frosts  Buzz  is  the  notion  that  'Net  shoppers  lucky  enough  to 
stumble  across  these  pricing  gaffs  are  any  more  entitled  to  the  bounty 
than  they  would  be  to  the  contents  of  a  wallet  found  on  the  sidewalk. 

Speaking  of  the  evolution  of  online  mores: 

When  Princess  Diana  was  killed  in  a  car  wreck  Aug.  31, 1997,  a  sub¬ 
sequent  orgy  of  online  schemes  designed  to  cash  in  on  her  memory 
sprung  up  overnight.  This  ghoulish  e-commerce  —  primarily  the  work  of 
fly-by-night  operators  —  drew  buckets  of  media  attention  and  was 
deemed  so  unseemly  that  a  straight-laced  trade  publication  called  Net¬ 
work  World  saw  fit  to  tsk-tsk  about  it  in  a  front-page  story.  (Written  by 
yours  truly.) 

Fast-forward  to  Dale  Earnhardt's  fatal  crash  at  Daytona  last  month. 
Once  again,  the  victim  had  no  sooner  been  pronounced  dead  before 
online  merchandisers  were  tripping  over  their  Web  servers  trying  to 
turn  a  fast—  and  last  —  few  bucks  off  his  famous  image. 

However,  there  was  a  notable  difference  this  time:  Even  mainstream 
merchandisers  are  riding  Earnhardt’s  posthumous  gravy  train,  not  merely 
the  quick-hit  artists. 

For  example,  Yahoo  has  more  than  5,000  Earnhardt  items  up  for  auc¬ 
tion.  You  can  see  that  market  highlighted  on  the  Yahoo  home  page  right 
alongside  prominent  links  for  Palm  Pilot  and  PlayStation  2. 

Yet  no  one's  so  much  as  lifting  an  eyebrow,  at  least  not  that  I've 
noticed. 

Why  the  change?  Is  it  the  difference  between  how  people  perceive 
the  death  of  a  glamorous  princess  and  that  of  a  devil-may-care  race  car 
driver?  Or  have  we  simply  waved  the  white  flag  in  terms  of  what's 
socially  acceptable  and  not  acceptable  in  online  merchandising? 

Probably  both,  although  more  the  latter  than  the  former. 


PAUL 

MCNAMARA 


Some  things  never  change:  We  want  hear  from  you  and  the 
address  is  buzz@nww.com. 
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Pascal  Billieux  of  Logitech  said  we  could  use 


his  picture  in  an  ad  and  write  words  for  him 


provided  he  could  cross  out  anything  "that 


made  him  sound  goofy."  Pascal  relies  on 


Global  One 


Their  global  telecom  network, 


products  and  services  are 


reliable 


and  flexible 


Pascal  Billieux ,  MIS  Manager/ Europe, 


Global  One's  high-speed  Internet  access.  Global  IP  Direct,  helps  Logitech's  critical  e-commerce  and  business  sites  move  tons  of  data  quickly  and  smoothly 
around  the  world.  And  when  Logitech's  customers  need  help,  Pascal  trusts  Global  Call  Center  to  handle  calls  seamlessly  from  all  over  Europe.  No  wonder  he’s 
deliriously  happy  to  work  with  us.  For  more  information,  please  visit  www.globalone.net  or  call  1-877-460-4141. 


Global 


A  Member  of  the  France  Teiecom  Group 


NNECTIVITY  SOLUTIONS 


Hot  applications  for 


rame  Relay. 


N  delivers 


ADTRAN  Frame  Relay 


Frame  Relay  Access, 
Concentration  and  Switching 

Frame  Relay  Routing 

Converged  Voice  and  Data 


IP  Internetworking  and  VoFR  solutions  for 
the  WAN  technology  you  know  and  trust 

Suddenly  it’s  simple  to  capitalize  on  your  investment  in  packet  switched 
networks.  ADTRAN’s  time-tested,  field-proven  Frame  Relay  access 
products  now  boast  new  and  advanced  features  to  . 
support  multi-protocol  data,  converged  voice  and 

data,  routing,  disaster  recovery,  performance  E 
monitoring,  and  more.  Central  site  and  remote 
access  devices  support  virtually  every  application  at  every 
remote,  at  speeds  ranging  from  56  kbps  to  2.048  Mbps.  Now  you  can  readily 
implement  today’s  most  in-demand  applications,  while  reducing  PVCs, 
eliminating  long  distance  toll  charges,  and  extending  PBX  functionality. 


Multi-Protocol  Data 


Compressed  Voice 


Private  or  Public  Circuits 


ATLAS  550 


Performance  Monitoring 


Disaster  Recovery 


Network  Management 


Five-Year  Warranty 


Unrestricted  Technical 
Support 


For  a  free  application  brief  on  Voice  Over  Frame  Relay, 

visit  www.adtran.com/convergef rame .  To  speak  to 
a  network  engineer,  call  8??  591-3055  toll-free. 


Cost-effective  solutions  for  DDS,  FT1, 
and  T1  Frame  Relay  lower  network 
costs,  expand  user  functionality,  and 
position  your  network  for  future  growth 


JyW  -.-,r 

BSirW '  .Vf.'-v  is 


Experts  choose  ADTRAN 


ADTRAN  is  a  registered  trademark  a!  ADTRAN.  trie. 


ItetvmrkWorld 


Pass-Along  Application 


□Yes!  I  want  to  receive  a  FREE  subscription  to  Network  World,  the  leading 
industry  resource  for  Network  IS  professionals.  □  No,  Thank  You. 

Signature  Date 

Pubtaher  reserves  the  nght  to  serve  orty  those  individuals  who  meet  publication  qualifications  All  questions  must  be  answered  Incomplete  forms 
n*  not  be  processed  Free  subscriptions  available  to  qualified  U  S  applicant  International  rates  available  upon  request. 


To  qualify:  You  must  supply  your  name,  title  and  company  name/address/phone  on  the  business  reply  panel  below.  Please  print  clearly. 

O  My  home  is  also  my  business  address. 


Optional  delivery  address:  Enter  your  home  address  below  if  your  company  will  not  accept  delivery  at  your 
business  address. 


Street  Address  (Home) 


If  there  is  a  parent  company,  please  provide  name 


If  military,  please  specify  branch  and  base 


City 


Zip 


What  is  Hie  principal  business  activity  at  your  location?  .are*  !2E  aw  )  Q>at  is  '-he  es!ima,cd  """’i*'.0'  em»l0''“s  a>  Vour 


location/in  entire  organization?  (check  one  in  each  section) 


01.  _  Manufacturing  (other) 

02.  _  Finance/Banking 

03.  _  Insurance/Real  Estate/Legal 

04.  _  Health  Care  Services 

05.  _  Hospitality/Entertainment/Recreation 

06.  _  Media/TV/Cable/Radio/Print 

07.  _  Retail/Wholesale  Trade/Business  Services 

08.  _  Transportation 

09. _ UtilitiesfProcess  Industries  (Mnrg/Consmxtion/ 

_ Patio tear)  Refnrg/A&KultuieJFcrestTy) 

10.  LJ  Education 


12. 

13. 

14. 

15. 1— 
16.  _ 
17.  L 


11.  | _ Govemment/Military 

Consulting  (Independent)* 

Communications  Carriers 
ISP 
ASP 

Manufacturing  (Computer/Communications/OEM) 
Resellers/VARs/VADs/Integrators/Distributors 

_ (Computers/Communications)* 

18.  U  Other  (Specify) _ 


A.  AT  YOUR  LOCATION 

Over  20,000 
_|  1 0,000  tol  9,999 
5,000  to  9,999 
2,500  to  4,999 
1,000  to  2,499 


1. 

2. 

3.  U 

4. 

5.  LJ 


6.  _ 
7-  U 
8. 

9. 


500  to  999 
250  to  499 
100  to  249 
99  or  less 


B.  ENTIRE  ORGANIZATION 


1. 

2.  |_ 

3.  _ 


_  Over  20,000 

10,000  to19, 999 
5,000  to  9,999 
2,500  to  4,999 


5. 

6-  I— 


1,000  to  2,499 
500  to  999 
499  or  less 


If  government,  please  specify  division 

(Question  #9  -  Continued) 

SERVICES 

A  34.  BPO  (Business  Process  Outsourcing  mcl. 

0  Financial  Services,  HR,  Logistics  etc.) 

35.  LJ  ASP  Services 

36.  U  Call  Center  Outsourcing 


Systems  Integration/Consulting 
Education/Training  Services 
Other  Services  A  B 

None  of  the  above  (1  -39)  0  40.  D 


ATIN:  CONSULTANTS,  INTEGRATORS,  DISTRIBUTORS,  RESELLERS. 
PLEASE  COMPLETE  FORM  BASED  ON  ALL  CUENTS  AND  YOUR 
OWN  BUSINESS  NEEDS. 


Please  indicate  the  Intemet/Intranet/WAN/LAN/Remote  products/services  that  'N 
ly  vou  are  currently  involved  in  puichasing  or  plan  to  purchase,  (check  all  m  appty)  J 

B.  PLAN  TO  PURCHASE 


©  Please  indicate  the  platforms  that  are  currently 


installed/planned,  (check  all  that  apply) 


J 


^  P.  What  is  your  primary  job  function?  (check  qne  only) 


3 


S.  What  is  your  secondary  job  function?  (check  ALL  that  apply) 

JL  s  p  i 

_  1.  _  Network  Management  _ J  6. 1 Engineering  Management 

_  2.  _  LAN  Management  LJ  7.  LJ  Corporate  Management  (CEO, coo,  CFO, 

_  3.  _  Datacom/Telecom  Management  Pres..  VP,  Dir.,  Mgr.) 

J  4.  P  CIO/CTO/IS/ri/MIS/Systems  Management  p  8.  |Zj  Consultant  (Independent) 


A.  CURRENTLY  INVOLVED  IN  PURCHASING 
INTERNET/INTRANET 
A  B 


_ I  5. 1 _ 


Intemet/lntraoet/E  -Commerce  Management 


I  Other  (Specify)  _ 


5  Wl  idt  is  the  estimated  value  of  network  equipment  and  services  \ 

2  »y  that  vou  specify,  recommend,  or  approve  the  purchase  of? _ J 


that  you  specify,  recommend,  or  approve  the  purchase  of? 

^  (Please  print  the  appropriate  number  code  on  the  line  next  to  each  product  category. 

—  Please  complete  ALL  categories  A-O.) 

1.  $100  million  or  more  A  _ Large  Systems  (Malnlmmes/Mm) 

2  $50  million  to  $99.9  million  B  _ Desktops  (Micros/Laptops/Wyletations) 

C  _ Mobile  (including  PDAs.  Wireless ) 

D  _ Servers 

E  _ LANs 

F  _ WAN  Equipment 

G _ Carrier  Services 

H  _ Internetworking  |nct«<ingflour»s.Swiidies) 

®What  is  the  total  number  of  sites  for  which  you  have  "\  t 
purchase  influence?  (check  qne  only) _ J  p 


01. 

VPN  Equipment 

33. 

02 

VPN  Services 

34. 

03 

Firewalls/Security/Encryption 

35. 

04. 

Electronic  Commerce  Tools 

36. 

05. 

_ 

Web  Servers/Software 

37. 

06. 

_ 

Internet  Services 

38. 

07. 

Web  Hosting 

39. 

08. 

Content  Hosting 

RFMHTF 

09. 

Traffic  Management 

nCIVIU  1  C 

10. 

Web  Development  Tools 

A 

0 

11. 

Management/Monitoring  Software 

40. 

12. 

Web  Based  Management  Tools 

41. 

13. 

Web  Based  Collaboration/Groupware 

42. 

14. 

Web  Acceleratiofi/Caching/Load  Balancing  Products 

43. 

_ 

15. 

Other  Internet/Intranet 

44. 

A  b 

Network  Interface  Cards  (Nics,  pcmcia) 
Hubs/Intelligent  Hubs/Stackable  Hubs 
Cables,  Connectors,  Baiuns 
Management  Frameworks 
Call  Center  Tools 
Voice  over  LAN 

Other  LocalArea  Network/lntemetworking 


A.  CURRENTLY  INSTALLED 
NETWORK  PROTOCOLS 

A  B 


01. 

TCP/IP 

02. 

IPV6 

03. 

SNA 

04. 

Novell  IPX/SPX 

05. 

APPC/APPN/LU6.2 

06. 

NETBIOS/NET  BUEI 

07. 

NFS 

08. 

SNMP 

09 

HTTP 

10. 

Other  Network  Protocols 

UN/WAN  ENVIRONMENT 


B.  PLANNED  FOR  PURCHASE 

NETWORK  OPERATING  SYSTEM 
A  B 

.  28.  Windows  NT/Windows  2000 
.  29.  _  Novell  (NetWare  5.X) 

.  30.  _  Novell  (NetWare  4.X) 

.  31.  _  Novell  (NetWare  2_X,  3.X) 

.  32.  _  LINUX 

.  33.  _  Microsoft  (LAN  Managed 
.  Banyan  (Vines) 

.  IBM  (LAN  Server) 

.  Other  Network  Operating  System 

COMPUTER  OPERATING  SYSTEM 
A  B 


28. 

_ 

29. 

_ 

30. 

_ 

31. 

_ 

32. 

_ 

33. 

34. 

35. 

_ 

36. 

3.  $25  million  to  $49.9  million 

4.  $10  million  to  $24.9  million 

5.  $1  million  to  $9.9  million 

6.  $100,00  to  $999,999 

7.  $50,000  to  $99,999 

8.  Under  $50,000 

9.  None  of  the  above 


I  . 
J  . 
K  . 
L  . 
M 


Intemet/WeWE-Commace 
Intranet/Extranet 
Remote  Access 
Peripherals 
Software 


LANs/INTERNETWORKING 


WAN  EQUIPMENT  &  SERVICES 


N  _ Services/Support 

O _ Storage 


1.Dl00+  2.  □  50  -  99  3.  □  20  -  49  4.DlO-19  5.D2-9  6.Dl  7.DNone 

@What  is  the  total  number  of  Servers/Clients/LANs  installed/planned 

at  your  location/in  your  entire  organization?  (check  one  box  n  each  column)  J 

SERVERS  CLIENTS  LANs 


ocabon  Entire  Org. 

At  Location  Entire  Org. 

At  Location  Entire 

A 

B 

c 

D 

E 

F 

_ 

1.  50,000+ 

1.  50,000+ 

1.  50,000+ 

2.  10,000  to  49,999 

2.  10,000  to  49,999 

2.  10,000  to  49,999 

3.  1,000  to  9,999 

3.  1,000  to  9,999 

3.  1,000  to  9,999 

4.  100  to  999 

4.  100  to  999 

4.  100  to  999 

5.  50  to  99 

5.  50  to  99 

5.  50  to  99 

6.  10  to  49 

6.  1 0  to  49 

6.  10  to  49 

7.  1  to  9 

7.  1  to  9 

7.  1  to  9 

8.  None 

8.  None 

8.  None 

A 

16. 

B 

Local-Area  Networks 

17. 

Network  Operating  System  Software  (NOS) 

18. 

Intel  Based  Servers 

19. 

Intel  Based  Multi  Processor  Servers 

20. 

RISC  Based  Servers 

21. 

Clustered  Servers 

22. 

Print  Servers 

23. 

Routers 

_ 

24. 

Layer  2  Switches 

_ 

25. 

Layer  3  Switches 

_ 

26. 

Layer  4-7  Switches 

27. 

ATM  Switches 

_ 

28. 

Token-Ring  Switches 

29. 

Network  Storage  (N as,  sans) 

30. 

Storage/Backup  (Optical,  Disk,  Tape,  RAID) 

31. 

Network  Test/Diagnostic  Tools 

32. 

UPS 

< 

1! 

> 

Please  indicate  the  Network  haidw< 

currently  involved  in  purchasing  or 

45. 

46. 

47. 

48. 

49. 

50. 

51. 

52. 

53. 

54. 

55. 

56. 

57. 

58. 

59. 

60. 

Asynchronous  Transfer  Mode  ( atm ) 
Frame  Relay  Equipment  Including  FRADS 
Frame  Relay  Services 
ISDN  Equpment/Services 


11. 

_ 

Gigabit  Ethernet 

12. 

Switched  Ethernet 

13. 

Fast  Ethernet 

— 

14. 

Ethernet 

15. 

I 

ATM 

_ 

16. 

_ 

Token  Ring/Token  Ring  Switching 

17. 

Layer  3, 4  Switching 

— 

18. 

FDDI 

_ 

19. 

100Base-T 

_ 

20. 

lOBase-T 

_ 

21. 

Fibre  Channel 

_ 

22. 

Wireless  LANs 

__ 

23. 

DSL 

_ 

24. 

ISDN 

_ 

25. 

Frame  Relay 

_ 

26. 

Private  Line  T1,  T3,  FT-1,  SONET 

_ 

27. 

_ 

Other  LAN/WAN  Environment 

37. 

NT  Workstation 

38. 

Windows  2000 

39. 

Windows  98, 95  3.1 

40. 

Intel  Based  UNIX 

41. 

RISC  Based  UNIX  fnci.  Solaris) 

42. 

LINUX 

43. 

DOS 

44. 

OS/2,  OS/2  WARP 

45. 

OS/400 

46. 

IBM  MVS/VM/VSE/ESA 

47. 

Digital  VMS 

48. 

Macintosh 

49. 

Other  Computer  Operating  System 

A  B 

None  of  the  above  (1-49)  D50.U 


None  of  the  above  (1  -60)  □  A  61 .  □  B 


Winch  of  the  following  hardware  platforms  are  installed/  "N 

W  planr|6d  in  your  company?  (check  ALL  that  apply) _ _ _ y 


D 


A  -  MAINFRAMES  (Large  Scale) 

1.  LJ  IBM 

2.  □  Other 


A.  CURRENTLY  INVOLVED  IN  PURCHASING 
SYSTEMS/PERIPHERALS 


Windows  Terminals/Thin  Clients 
Workstations 


Printers 

07.  LJ  Printer/Fax/Copier  Hybrids  (Mimmceon  Printers) 


Jflk  Wl  idt  is  your  scope  and  involvement  in  purchasing  decisions 

ly  for  network  products  and  services  for  your  enterprise? _ J 

B.  INVOLVEMENT  (check  ALL  that  apply) 


01. 

02. 

_ 

03. 

_ 

04. 

_ 

05. 

06. 

07. 

_ 

08. 

_ 

09. 

10. 

_ 

11. 

_ 

_ 

12. 

A.  SCOPE  (check  QNE  only) 

Corporate 


1. 

Entie  EntBrprise/Muttipte  Enterprises 

2. 

Division/Multiple  Divisions 

3. 

Department 

4. 

None 

1 .  _  Create  Network/IT  Strategy  4. 

2.  _  Recommend/Specify  Brand  5.  — 

3.  _ Approve  Purchase  6. _ 


Evaluate  Products/Services 
Determine  the  Need 
None 


Memory/Chips/Boards/Cards 
Other  Computers/Peripherals 

SOFTWARE/APPLICATIONS 

A  A 

1 3.  L  Network  Management  (incl.  snmp) 

14.  L  Systems  Management 
_1 15.  L  Security 

16.  LJ  Directory  Services 


17. 

18. 

_ 

_ 

19. 

_ 

_ 

20. 

_ 

_ 

21. 

_ 

22. 

_ 

23. 

_ 

_ 

24. 

K_ 

25. 

_ 

26. 

_ 

_ 

27. 

_ 

28. 

_ 

29. 

_ 

30. 

_ 

_ 

31. 

_ 

_ 

32. 

_ 

33. 

B.  PUN  TO  PURCHASE 


Operating  Systems 
Applications  Development  Tools 
Database  Management/RDBMS 
Groupware 
E-Mail 

Enterprise  Resource  Planning  (ERP) 
EDI 

Desktop  Videoconferencing 
Imaging 

Middleware/Serverware 
Document  Management 
Site  Metering  Tools 
Data  Warehousing 
Anti  Virus  Software 
Multimedia 
Helpdesk 

Other  Software/Applications 


B- 

MINIS  (Midrange) 

C- 

WORKSTATIONS 

1. 

IBM  RS/6000 

1. 

Sun  Microsystems 

2. 

IBM  AS/400 

2. 

H-P 

3. 

Digital/Tandem/Compaq 

3. 

Digital/Compaq 

4. 

Unisys 

4. 

IBM 

5. 

_ 

H-P 

5. 

Silicon  Graphics 

6. 

Other 

6. 

Other 

© 


What  is  the  estimated  gross  revenue  of  your  entire 
company/institution?  (check  ONE  only) 


J 


$20  billion  or  more  05. 

$10  billion  to  $19.9  billion  06. 
$1  billion  to  $9.9  billion  07. 
$500  million  to  $999.9  million  08. 


_  $1 00  million  to  $499.9  million 
_  $50  million  to  $99.9  million 

_  $1 0  million  to  $49.9  million 

_ $5  million  to  $9.9  million 


B 


$4.9  million  or  less 
None  of  the  above 


© 


For  which  areas  outside  of  the  U.S.A.  do  you  have 

purchase  influence?  (check  all  that  apply) 


_  Europe 
_  Asia 

_  South  America 


Australia 
Middle  East 
Africa 


n  i 

□  i 


7.  1 _ j  Canada 

None 


Form: 0001 
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Wimet  E-mail  Address  

PR1001A 


BUSINESS  REPLY  MAIL 
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WAN  CONNECTIVITY  SOLUTIONS 


Hot  applications  for 


s  lira  me  Relay. 


AN  delivers 


ADTRAN  Frame  Relay 


Frame  Relay  Access, 
Concentration  and  Switching 


Frame  Relay  Routing 


IP  Internetworking  and  VoFR  solutions  for 
the  WAN  technology  you  know  and  trust. 

Suddenly  it’s  simple  to  capitalize  on  your  investment  in  packet  switched 
networks.  ADTRAN’s  time-tested,  field-proven  Frame  Relay  access 
products  now  boast  new  and  advanced  features  to 
support  multi-protocol  data,  converged  voice  and 
data,  routing,  disaster  recovery,  performance 
monitoring,  and  more.  Central  site  and  remote  " 

access  devices  support  virtually  every  application  at  every  ATLAS  550 

remote,  at  speeds  ranging  from  56  kbps  to  2.048  Mbps.  Now  you  can  readily 
implement  today’s  most  in-demand  applications,  while  reducing  PVCs, 
eliminating  long  distance  toll  charges,  and  extending  PBX  functionality. 


Converged  Voice  and  Data 


Multi-Protocol  Data 


Compressed  Voice 


FXS,  FXO,  E8cM,  and 
DSX-1  Voice 


Private  or  Public  Circuits 


Performance  Monitoring 


Disaster  Recovery 


Network  Management 


Five-Year  Warranty 


Unrestricted  Technical 
Support 


,jce/Data 


For  a  free  application  brief  on  Voice  Over  Frame  Relay, 

visit  www.adtran.com/convergef rame .  To  speak  to 
a  network  engineer,  call  87?  591-3055  toll-free. 


64KVOJC' 

&  IP  R° 


Cost-effective  solutions  for  DOS,  FT1, 
Express  ancj  ji  prame  Reiay  lower  network 
costs,  expand  user  functionality,  and 
ti  Data/y°ice  position  your  network  for  future  growth 

£  ip  Routing 


Experts  choose  ADTRAN 


ADTRAN  is  a  registered  trademark  of  ADTRAN.  Inc 


